Solved Followed 7-step Removal Process, here are logs

[bbanks72]

I copied everything in the box and ran as described.

Everything seems to be running fine other thn the history not showing sites visited. I have mentioned this before but I am not worried about it. Just trying to describe what I have noticed since I didn't start off very well.

Thanks.

 

[Bobbye]

Check the History setting in the browser- see how many days it's set to keep History.

Are you using a firewall? Which one?

 

[bbanks72]

History is set at 20 days. Firewall is thru Chater Security Suite.

 

[Bobbye]

================================================
Accessing the firewall feature of the Charter Security Suite:

Charter Security Suite version 9 users:

1. . Double-click on the Charter Security Suite Icon in the Task Bar. This will launch the application.
2. . Click the Settings button.
3. . Click the Network Connections header to expand the menu, then click Firewall. To protect your computer, the firewall is turned on by default. It is recommended that you do not turn this feature off.
4. . The firewall profile defines the level of protection on your computer and has several options to choose from.
5. . To change the profile, click the down arrow in the box next to Current firewall profile and click the desired profile from the list.
   [o] Office/File & Print Sharing - This profile opens the necessary ports on your computer to share files and printers between multiple computers located on your home network. In order to successfully share files and printers, all computers running the Charter Security Suite must have the firewall set to this profile.
   [o] Block all - A very strict firewall profile usually blocks most of the network traffic. This may prevent you from using some of the programs on your computer.
   [o] Normal - A medium profile usually allows all outbound Internet traffic from your computer. The medium profile may deny some inbound services and generate alerts about them.
   [o] Custom - A custom profile allows you to select which ports to open and which ports to close. This profile should only be used by experienced users.
   [o] Allow all - A very loose profile usually allows all network traffic, both inbound and outbound, and does not generate any alerts. Because this profile leaves your computer unprotected, do not use it except for in special cases.

Courtesy of askcharter
---------------------------------------------------
It looks like you have the Custom Setting and have set the ports to open. When you open the program Firewall section, you will see this:

The Profile box for the setting is top right. The image shows "Office."
Change the profile to Normal

Once you have done that, click on OK, then Close.

Please return here and let me know what the setting was when you opened it and if you were able to change to Normal as instructed. I will give you additional information if needed.
=========================================
About the History: 20 days is a lot of temporary internet files to keep on the system. I suggest you lower the number. For instance, I keep History for 3 days and drop the temporary internet files every time I close the browser.

The shield with the red X is most likely a warning the the Security Center is not operational or that a part of it is shut down.

We'll work on the wireless when the firewall is set. You haven't given me much to go on.

 

[bbanks72]

Firewall setting was Office/File & Print Sharing. I was able to change it to normal.

I was concerned that the red shield was a virus but it sounds like it's ok.

Wireless has resumed working after the 1st couple of scans so we are ok there.

 

[Bobbye]

Have yoiu considered the possibility that all or most of the history has been delete or quarantined.

Do you have any Bookmarks or Favorites in place? Are the showing normally?.

 

[bbanks72]

Favarites are all in place and working fine. I expected all of the old history to disappear with all of the scans but even pages visited today do not show. It's no big deal, I just wanted to give you all of the info I could since we started off with me not knowing what info to give.

 

[Bobbye]

What browser are you using? See if either of these are checked:

IE: Tools> Internet Options> Advanced tab> Security section> Checked???? 'empty temporary internet files folder when browser is closed'.
Firefox: Tools> Options> Privacy> History section> Checked???? 'clear history when Firefox is closed.'

 

[bbanks72]

IE is the browser. The empty temp internet files box is unchecked.

 

[Bobbye]

You can try running the Error Check:
Right click on Start> Explore> My Computer> Right click on Local Drive (C)> Properties> Tools tab> Error Check> Check both boxes on the screen that comes up> Apply> Close the message that comes up> Reboot.

The Error Check should start in a few seconds. Let it finish. System will reboot when done.

When you click on the arrow point to the right of the Address Bar, is there a drop down menu with site addresses? If there is, choose one of them and see if it loads the site.

You have given me so little information to work with. Be on the look for the Windows CD. You may have to use it. Can you verify for me please that this is a legitimate OS?

 

[bbanks72]

Ran the error check

Sites load from address bar

OS is legitimate.

Forget about the history not showing up, is there anything else I need to do related to the virus issue that I had.

 

[Bobbye]

From a malware point of view, the system does not show any indication of it remaining. I think the problem with History is somewhere within the browser settings. The only thing that concerns me are the open ports. I've closed the all twice, but they are still open. I urge you to use the Charter information I left for the firewall- locate the ports and close them.
Hopefully you saved the change in the firewall setting, then rebooted after the change.
==================================================
Removing all of the tools we used and the files and folders they created

• Uninstall ComboFix and all Backups of the files it deleted
• Click START> then RUN
• Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  
  

• Download OTCleanIt by OldTimer and save it to your Desktop.
• Double click OTCleanIt.exe.
• Click the CleanUp! button.
• Select Yes when the "Begin cleanup Process?" prompt appears.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes.

-----
Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
------------------------------------------

• You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
• Go to Start > All Programs > Accessories > System Tools
• Click "System Restore".
• Choose "Create a Restore Point" on the first screen then click "Next".
• Give the Restore Point a name> click "Create".
  
• Go back and follow the path to > System Tools.
  [*]Choose Disc Cleanup
  [*]Click "OK" to select the partition or drive you want.
  [*]Click the "More Options" Tab.
  [*]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.

Empty the Recycle Bin

Let me know if you have any more questions.

 

[bbanks72]

Completed, Thanks

 

[Bobbye]

You're welcome!