MSN virus?

By dayslayer8 ยท 32 replies
Jul 31, 2010
  1. Well, like the other topic, i have received the virus from msn. For some reason DDS just closes when it starts and i have disabled my antivirus. SO I am just going to upload the 2 logs, Malwarebtye and GMER, for now.
    Oh and for GMER i had to disable devices.

    And another thing was that I had one or a few virus prior to the msn virus as the computers from school gives a virus whenever I plug a USB in it.

    Apparently DDS is a screensaver file, just letting you know.

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Firstly, you do not have to disable the antivirus to run these preliminary logs, so please enable it again.

    Second, you have a Backdoor.IRCBot. This is a type of Trojan that it also often referred to as a 'bot' that opens a back door that allows a remote attacker to take control of the compromised computer.It connects to Internet Relay Chat (IRC) channels to launch distributed denial of service (DDoS) attacks.

    DDS is not a screensaver file- it is a FLEXIT Singleshot Survey Raw Data file. Please observe the following and run DDS again, leaving the log in your next reply:
    You may have to disable any script protection running if the scan fails to run.
  3. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Sorry, i don't know what to do to "disable any script protection running ". I am pretty sure i don't have anything blocking the programs; mabye i do but i really don't know.
    I have right clicked it and went into propeties, and clicked the unblock thing. DDS still does not work.
    When i open DDS, the cmd window opens up and then quickly closes. I am not sure if that's what it is supposed to do but i've waitied for an hour and still no logs.
    Mabye i can use something alternate?
  4. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Oh and just incase if you need this.
    Some of my symptoms are:
    Internet Explorer cannot run or be started. I have to use Firefox instead.
    Windows Media Player cannot be run or be started.
    No more sound output. If i try to watch a video either on my computer or online, there will be no sound. I am pretty sure my speakers are connected correctly with volume turned up.
    Internet Connection icon in system tray shows that there are no connection, even though i am connected to the internet.
    Secruity Centre keeps giving me a security pop up message from system tray, every second.
    And also DDS doesn't work, mabye it's blocked by the virus?
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Please see the friendly infomation on this site for script blocker:

    Then try DDS again.
    Follow by running these:

    Please download ComboFix from Here and save to your Desktop.

    • [1]. Do NOT rename Combofix unless instructed.
      [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3].Close any open browsers.
      [4]. Double click combofix.exe & follow the prompts to run.
    • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
      [5]. If Combofix asks you to install Recovery Console, please allow it.
      [6]. If Combofix asks you to update the program, always allow.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      [7]. A report will be generated after the scan. Please post the C:\ComboFix.txt in next reply.
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    Note: Make sure you re-enable your security programs, when you're done with Combofix..
    Re-enable your Antivirus software.
    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
    About this:
    Someone needs to advise the school IT people that the USB drives are infected and need to be disinfected.

    Why are you using a USB drive?
  6. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi Thanks for the website. Unfortunately, it did not help me. Just like before, DDS will open up for just a fraction of a second then quickly close itself. Am I really hopeless now?
    As for the USB thing, i use it to transfer my projects and homework.
    Should i skip the DDS and continue with Combofix or is DDS a must?
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Do you have No Script on Firefox? Open Firefox> Tools> Add-ons> Look for 'No Script'> if it's listed, disable it and restart Firefox. Then run DDS.

    If you still can't do it, continue on with Combofix and the Eset scan.
  8. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi! I checked firefox and there was no "No Script" addons. HOWEVER, during the ESET scan, DDS automatically started and it actually worked! I don't know why it just started, i never even clicked on it or anything, but it scanned and generated the 2 logs, which i will attach to this post with my other logs. As my ESET thing continues to scan, DDS started automatically again and generated the two logs for the second time. This is strange. I will attach my ComboFix log rather than pasting it as it is too long.

    Thank you again for your continuous, persistant help.

    Edit: errr, DDS has just automatically opened up and scanned again, is this going to be a problem?

    Attached Files:

  9. Broni

    Broni Malware Annihilator Posts: 54,258   +383

    Message from Bobbye:


    I don't see any AV program running. What happened to NOD32?


    Please, uninstall AskBarDis as it's considered as an adware.


    Combofix looks fine.
    What are the current issues?

    Uninstall Combofix:
    Go Start > Run [Vista users, go Start>"Start search"]
    Type in:
    Combofix /Uninstall
    Note the space between the "Combofix" and the "/Uninstall"
    Click OK (Vista users - press Enter).
    Restart computer.


    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    * Under the Custom Scan box paste this in:

    drivers32 /all
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  10. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi, thanks for taking over. I think I disabled my NOD32 during one of the scan but forgot to re-enable. As for AskBarDis, i don't know how to uninstall it. It is not in 'Program and Features' and when i searched for it, the only results were the two DDS logs; also it is not in my firefox addons.
    My current problems are the same as before. I can not open/start internet explorer and windows media center. There are no more sound output anymore. Internet connection icon in system tray shows no connection with a red cross thing when clearly i do have internet. Security centre popup messages pops up every second saying i've disablled UAC which is true though.
    Also before, windows automatic update would be disabled everytime i start up the computer. However, it has stopped for some reason.
    Sorry i cannot post the 2 logs as they are too long, i will attach them instead.

    Attached Files:

  11. Broni

    Broni Malware Annihilator Posts: 54,258   +383

    As for AskBarDis we'll remove leftovers manually in a moment.

    See here: how to disable that alert.

    What does happen, when you try. Do you try to open them from desktop shortcut>
    How about going Start>All Programs....?

    Any sound? Internet, Windows sounds, music CD?

    Are you posting from very same computer, using another browser, or....?


    Update your Java version here:

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.


    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} (Reg Error: Key error.)
      O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\zihao\Desktop\*.tmp files -> C:\Users\zihao\Desktop\*.tmp -> ]
      @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:586F1F7F
      @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:341E39B2
      C:\Program Files\AskBarDis
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
  12. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi, thanx for the link and it fixed the security centre message problem.

    Still, i cannot start internet explorer and windows media player (sorry its player; media center is fine); shortcut, start-menu or in the program's folder, it just doesn't start when i click on it.

    Also, there are absolutely no sound whatso ever, online video, music, CD or even just programs' sounds, no sound output at all.

    Yes i am using the same computer. The icon shows i have no internet connection and is not connected to the internet, while i am here using firefox to make a post-reply.

    As for JAVA update, the installer kept giving me an error message.
    'Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance'

    here is my OTL fix log: (I will attach the scan log)

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
    C:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
    File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    C:\Windows\Downloaded Program Files\erma.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
    C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP\WiseCustomCalla.dll deleted successfully.
    C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP folder deleted successfully.
    C:\Windows\msdownld.tmp folder deleted successfully.
    C:\Users\zihao\Desktop\~WRL0003.tmp deleted successfully.
    ADS C:\ProgramData\TEMP:586F1F7F deleted successfully.
    ADS C:\ProgramData\TEMP:341E39B2 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\Program Files\AskBarDis\bar\Settings folder moved successfully.
    C:\Program Files\AskBarDis\bar\bin folder moved successfully.
    C:\Program Files\AskBarDis\bar folder moved successfully.
    C:\Program Files\AskBarDis folder moved successfully.
    ========== COMMANDS ==========


    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 41620 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Desktop
    ->Temp folder emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: user
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 283173944 bytes
    ->Java cache emptied: 73708168 bytes
    ->FireFox cache emptied: 89351040 bytes
    ->Flash cache emptied: 22672 bytes

    User: zihao
    ->Temp folder emptied: 960272 bytes
    ->Temporary Internet Files folder emptied: 732443 bytes
    ->Java cache emptied: 155784053 bytes
    ->FireFox cache emptied: 44754394 bytes
    ->Flash cache emptied: 61819 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 283885219 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 78977958 bytes

    Total Files Cleaned = 965.00 mb


    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Desktop

    User: Public

    User: user
    ->Flash cache emptied: 0 bytes

    User: zihao
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    OTL by OldTimer - Version log created on 08072010_101612

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...

    Attached Files:

    • OTL.Txt
      File size:
      111.1 KB
  13. Broni

    Broni Malware Annihilator Posts: 54,258   +383

    Open Windows Explorer.
    Navigate to C:\Program Files>Internet Explorer and double click on iexplore.exe.
    Will IE start?

    Go Start>Control Panel>Device Manager
    Do you have any errors there?

    Regarding Java...
    Run JavaRa first to uninstall old Java versions.
    Then go my link to update Java, but make sure to download "offline" version and try to install it again by double clicking on downloaded file.
  14. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi, unfortunately, iexplorer still does not start and there are no errors in device manager.
    Java installer still gives the same error even after uninstalling the old version first.
  15. Broni

    Broni Malware Annihilator Posts: 54,258   +383

    Uninstall IE8.
    Go Start>Control Panel>Programs & Features
    Click on "View installed updates" in left pane.
    Look for Windows Internet Explorer 8 and uninstall it.
    It'll revert itself to IE7.
    See, if IE7 will work.
  16. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi, Unfortunately, windows internet explorer is not in program and features.
    I just discovered that in uninstall an update section in programs and features, all the items has disappeared.

    I've also checked in the Internet Explorer folder in Program Files and did not find an uninstaller
  17. Broni

    Broni Malware Annihilator Posts: 54,258   +383

  18. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    uninstalled IE8 and internet explorer still does not start.
  19. Broni

    Broni Malware Annihilator Posts: 54,258   +383

    Go Start>Run ("Start Search" in Vista/7), type in:
    sfc /scannow
    Click OK (hold CTRL, and SHIFT, hit Enter in Vista/7).
    Have Windows CD/DVD handy (with Vista/7, most likely, you won't need it).
    If System File Checker (sfc) will find any errors, it may ask you for the CD/DVD (rarely in Vista/7 case).
  20. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi, i've done sfc /scannow. The cmd window closed itself after scan and i didn't pay attention and did not see any messages. I guess its all good? However, i still have the same problems as before. Does this mean that the virus is still on the computer?
  21. Broni

    Broni Malware Annihilator Posts: 54,258   +383

    No, by now, your computer should be pretty much clean by now, but it looks like you may have some Windows issues.

    Let's finish cleaning process first...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.

    3. Go to Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
  22. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi, when i was running Security Check, during the preparing stage, there was an error:
    'Line - 1: Error:Variable must be of type "object" ' I clicked ok and it continued to run. I'm not sure if it's will affect anything. Here's the report

    Results of screen317's Security Check version 0.99.5
    Windows Vista Service Pack 2 (UAC is disabled!)
    Internet Explorer 8
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    ESET Online Scanner v3
    WMI entry may not exist for antivirus; attempting automatic update.
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Mozilla Firefox (3.6.8)
    Process Check:
    objlist.exe by Laurent

    DNS Vulnerability Check:

    Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

    ``````````End of Log````````````

    This is the Kaspersky Log:

    KASPERSKY ONLINE SCANNER 7.0: scan report
    Tuesday, August 10, 2010
    Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
    Kaspersky Online Scanner version:
    Last database update: Monday, August 09, 2010 21:46:56
    Records in database: 4131474

    Scan settings:
    scan using the following database: extended
    Scan archives: yes
    Scan e-mail databases: yes

    Scan area - My Computer:

    Scan statistics:
    Objects scanned: 195991
    Threats found: 1
    Infected objects found: 1
    Suspicious objects found: 0
    Scan duration: 02:25:17

    File name / Threat / Threats count
    C:\downloads\Directlinks\CryptLoad_1.1.8-Nexxis.rar Infected: not-a-virus:RemoteAdmin.Win32.NetCat.a 1

    Selected area has been scanned.
  23. Broni

    Broni Malware Annihilator Posts: 54,258   +383

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.


    OTL Clean-Up
    Clean up with OTL:

    * Double-click OTL.exe to start the program.
    * Close all other programs apart from OTL as this step will require a reboot
    * On the OTL main screen, press the CLEANUP button
    * Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


    Your computer is clean [​IMG]

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point.

    Turn off System Restore:

    - Windows XP:
    1. Click Start.
    2. Right-click the My Computer icon, and then click Properties.
    3. Click the System Restore tab.
    4. Check "Turn off System Restore".
    5. Click Apply.
    6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
    7. Click OK.
    - Windows Vista and 7:
    1. Click Start.
    2. Right-click the Computer icon, and then click Properties.
    3. Click on System Protection under the Tasks column on the left side
    4. Click on Continue on the "User Account Control" window that pops up
    5. Under the System Protection tab, find Available Disks
    6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
    7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
    8. Click OK

    2. Restart computer.

    3. Turn System Restore on.

    4. Make sure, Windows Updates are current.

    5. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    6. Download, and install WOT (Web OF Trust): It'll warn you (in most cases) about dangerous web sites.

    7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    8. Run Temporary File Cleaner (TFC) weekly.

    9. Download and install Secunia Personal Software Inspector (PSI). The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!:

    12. Please, let me know, how is your computer doing.
  24. dayslayer8

    dayslayer8 TS Enthusiast Topic Starter Posts: 55

    Hi thank you and bobbye for all the help.
    Sorry but i kind of accidentally closed the OTL log without saving :'( im so sorry.
    I have done all the steps you've told me to do and I am happy that the computer is safe again.
    However i still have the old symptoms, can't use iexplorer and windows media player, no sound output, etc which only occurred after i got the virus. So i guess there is no fix for them?
    Thanks again for all the help it was much appreciated.

    Another problem which i did not see before was that when i right-clicked my computer and went to properties, my system specs information has disappeared. For RAM and Processor it just says Not Avaliable and my rating thing is gone too.

    So is it ok for me to try and reinstall iexplorer and windows media player?
  25. Broni

    Broni Malware Annihilator Posts: 54,258   +383

    Some of your system files could get corrupted during the infection.

    In this forum, we make sure, your computer is free of malware.
    The access to malware forum is very limited.
    Your best option is to create new topic about your current issue, at Windows section.
    You'll get more attention.

    Good luck and stay safe :)
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...