TechSpot

[Resolved] Windows Vista Security virus

Discussion in 'Virus and Malware Removal' started by mom26gr8kids, Dec 14, 2011.

Thread Status:
Not open for further replies.
  1. Bobbye Helper on the Fringe

    Okay Kendra, here you go:

    First: Removing all of the tools we used and the files and folders they created
    • Uninstall ComboFix and all Backups of the files it deleted
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    • Download OTCleanIt by OldTimer and save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • Select Yes when the "Begin cleanup Process?" prompt appears.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.
    -----
    Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
    ------------------------------------------
    • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
    • Go to Start > All Programs > Accessories > System Tools
    • Click "System Restore".
    • Choose "Create a Restore Point" on the first screen then click "Next".
    • Give the Restore Point a name> click "Create".
    • Go back and follow the path to > System Tools.
      • Choose Disc Cleanup
      • Click "OK" to select the partition or drive you want.
      • Click the "More Options" Tab.
      • Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.


    Empty the Recycle Bin
    =============================================
    Second: Tips for added security and safer browsing: (Links are in Bold Blue)
    1. Browser Security
      • Safe Settings (Please ignore the suggestion to use the Registry Editor in this section "Creating a Custom Security Zone")
      • ZonedOut. This manages the Zones in Internet Explorer. (For IE7 and IE8, Windows 2000 thru Vista. No Windows 7)
      • Replace the Host Files
      • Google Toolbar Pop Up Blocker
      • Web of Trust (WOT) Site Advisor. Traffic-light rating symbols show which rate the site for Trustworthiness, Vendor Reliability, Privacy, Child Safety.
    2. Have layered Security:
      • Antivirus (only one): Both of the following programs are free and known to be good:
      • Avira-AntiVir-Personal-Free-Antivirus
      • Avast-Free Antivirus
      • Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
      • Comodo
      • Zone Alarm
    3. Antimalware: I recommend all of the following:
      • Spywareblaster: SpywareBlaster protects against bad ActiveX.
      • Spybot Search & Destroy
    4. Updates: Stay current:
      • the Microsoft Download Site frequently. All updates marked Critical and the current SP updates.
      • Adobe Reader: Install current, uninstall old.
      • Java Updates: Install current, uninstall old.
    5. Tracking Cookies
      Reset Cookie:> Previously given.
    6. Do regular Maintenance
      • Clean the temporary internet files often: Temporary File Cleaner
      • Run the Disc cleanup, Error Check & Defrag once a month
    7. Restore Points:
      • See System Restore Guide
    8. Safe Email Handling
      • Don't open email from anyone you don't know.
      • Don't open Attachments in the email. Save to your desktop and scan for viruses using a right click
      • Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
    Please let me know if you find any bad link.
    =============================
    Maintenance suggestions can be found in #6. Spybot S&D and the AV are only concerned with malware. They have no functions to keep the system itself in good operating condition. Other than TFC, you don't need extra programs for this. Windows already has the features as part of the OS; all you have to do is remember to use them!

    Two other suggestions:
    1. Windows needs to be rebooted occasionally. OK to use Standby or Sleep but the reboot will restore some memory and put back some order.
    2. Check the Add/remove Program list occasionally. Uninstall any program you don't use and/or any outdated programs.
    3. Check the Cookies occasionally. Whenever you visit a site, you will get their First Party Cookie- this is normal. But they can add up. Delete those you don't need, keep the ones that store a user name and password.
    Have a Happy and Peaceful Holiday!
  2. Bobbye Helper on the Fringe

    The problem you described in your PM with the Combofix uninstall is not normal:
    You should not have gotten any security alerts. But since I have no idea what the prompts were that you allowed, I do not have enough information to address the problem.

    Reboot the computer, then run it through the Error Check again:
    Right click on Start> Explore> My Computer> Right click on the Local Drive (usually C)> Properties> Tools tab:

    * Click on the Error Check
    * On the screen that comes up, check both boxes
    * Close the nag message and reboot the computer
    * The Error Check should start in a few seconds.
    * Let it complete. It may take a long time if you do not do this regularly.
    * The system will reboot when finished.
    ========================================
    If there are any new problems, you can let me know Monday:
    New Holiday Notice! I will not be working on the threads Sat. Dec. 31 or Sunday Jan. 1 I will begin with the oldest threads first on Monday. I will do my best to get you finished or as far along as I can before that. Please do not send a PM during those days.
  3. mom26gr8kids TechSpot Enthusiast

    Small problems

    All right. Since I uninstalled ComboFix a few days ago I have been having some problems with my computer.

    I did manage to uninstall ComboFix and run the tool that takes off all the virus software we installed during the clean-up process. As previously mentioned, when I was running ComboFix Uninstall I kept getting alerts from Comodo and then right afterwards my computer had another fatal error crash dump.

    In regards to the prompts I received they were no different than prompts I normally get when Comodo is in training mode and I am installing or uninstalling a program. They were messages about how whatever.exe is a safe application, but it didn't recognize the parent application. Going into my Comodo I can only view portions of the alerts, but they are all in regards to ComboFix. Since I recently re-installed Comodo I have been getting those prompts when I run programs, so it didn't seem atypical.

    Last night when I sat down to run a check disk my computer was causing me some problems. I kept getting alerts from Spybot. Here are some of them: detected registry entry changed: Browser Helper Object: 8E5E2654-AD2D-48bf-AC2D-D17F00898D06 and then a similar message with this instead: 9030D464-4CO2-4ABF-8ECC-5164760863C6. There were others, but when they came up I clicked deny change. The problem was that after I clicked deny change on those alerts they came up again. I denied them several times and then it wouldn't let me deny them anymore, so the only way to get them off my screen was to allow them. (I didn't allow them, but that was the only option available that I could click on.)

    In addition I kept getting error messages when I tried to access the check disk. So, I did a manual reboot of my computer to get rid of the Spybot messages and when everything came back up I was able to run the check disk.

    Since the check disk I am having no problems with my computer and I ran both my Avast and SAS this morning with no major threats detected (SAS had a couple tracking cookies). The only issue was that my AVAST had two files it could not scan because it could not find the system path.

    The other weird thing is that even though I deleted Norton last week when I turned my computer on yesterday it was back up and asking me for permission to scan something or update, I can't remember. Could this be what is causing all the alerts about changes?

    So my question is: Is this even a virus issue? Should I try de-fragging the system and see if that helps, or do you want me to run through the preliminary steps again to see if there is anything on my system?

    And when we have a minute I would like to remove the Norton and keep it from coming back.

    Thanks
  4. mom26gr8kids TechSpot Enthusiast

    Okay, before I got off the computer for a bit I decided to click on the Norton Internet Security Icon that was on my system and all of the updates and such were running. There were live updates running and script blocking protection and browser security. I disabled everything because I already have virus software running, but I think it is a possibility that Norton is what caused all the confusion in my system last night since I had multiple anti-virus programs running, particularly since the majority of the alerts from Spybot had to do with my IE browser. Maybe now I won't have any additional problems.

    Kendra
  5. Bobbye Helper on the Fringe

    Glad you resolved the problem.

    Thread being reclosed at member's request.