Outstanding...you did good work mmi16!
You can delete these now:
DDS.scr
DDS.txt
Attach.txt
GMER and associated log(s)
TDSSKiller and associated log(s)
showalldisplaytabs-xp.vba
Next, please click start-->run...then copy and paste the bold text below into the run box and click "OK":
ComboFix /Uninstall
Performing this function will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again for you automatically.
Next, if you wish, you can install the latest version(s) of the following software from these download links:
Spybot Search and Destroy
VLC Media Player 1.1.11
Sun Java Runtime Environment 7 Update 1
...in your situation, for the Spybot Search and Destroy installation, I recommend that you do the following:
After installation, Go to Start-->Programs-->Spybot - Search & Destroy and when the program opens, click on the mode tab at the top left of the application window and select "advanced". Notice the additional options that now appear in the left pane (column of buttons).
Next, in the left pane, click on the Tools button (near the bottom). In the right pane, you'll see a listing of options...make sure these are checked:
Resident
Browser Pages
IE tweaks
Hosts Files
...there may be others checked (which is fine by the way), but make sure that at least those mentioned above all have checks in the box next to them.
In the menu on the left hand side you should see "Resident", click there then in the right pane under "resident protection status" put a check mark in the box next to "resident SD helper" (Internet explorer bad download blocker) and remove the check from the box for "Resident Tea Timer" (Protection of over-all system settings) active...otherwise, your on board antivirus product will enter into another wrestling contest with its protective features.
Look again to the left pane under the Tools section. From the left pane, click the Hosts File button. Now in the right pane, click the green + Add Spybot-S&D hosts list button.
Next, from the left pane, please click the Spybot-S&D button. From the right side pane, click the button to "Search for Updates" and download and install the Updates (make sure all the updates it found have a check in the box).
When the updates complete, please click "immunize" from the menu on the left. Then in the right pane click the +immunize button...you should see a progress bar as the application begins to immunize the system.
When the progress bar completes, you should see "0" in the Unprotected heading. If you do not, then click the green + Immunize button at the top just above that progress bar. You will see the numbers roll back until it reaches "0".
Next click the "Search and Destroy" button from the left pane menu then click the "check for Problems" button in the right pane.
Spybot will now scan your computer and display in the "problem" window any bad programs it finds. When the scan completes, it may show red, black, and green entries. Please put a check mark next to all the RED entries and click "fix selected problems". When finished, close the application. You can use this product to scan with on demand...and I recommend you do so at least once a week.
For the Java installation, please do the following:
Double-click the jre-7u1-windows-i586.exe file that you downloaded to the desktop. The installation should begin...please follow the prompts to install it.
When it completes, please reboot the computer. When the system comes back up, please open the Java Control Panel again: click start-->control panel-->Java.
From the "General" tab, under the "Temporary Internet Files" (at the bottom), please click the Settings button. When the "Temporary Files Settings" box opens, please remove the check from the option box to "Keep temporary files on my computer". Please click "OK", then "Apply" to close the Java Control Panel. Please reboot the system once more to properly record these changes made to the hard disk. This ensures a clean record of the "Last known Good Configuration that Worked".
To assist in the prevention of malicious software intrusion and infections, you can begin by reading "How to boost your malware defense and protect your PC"...Please remember to keep antivirus software on board and always use its real time protection feature. Run a complete system scan at least once a week...preferably in Safe mode.
A word of caution
Security vendors, in recent years, have partnered with "Ask.com" in providing the "Ask Toolbar" bundled with their download(s). Although the toolbar is considered to be a legitimate program, it is nonetheless questionable as to its behavior. It is alleged to be spyware/adware as the behavior of this application tracks a user's history and sends "search" information to its servers in order to provide a user with targeted search results, many of these results may also be for questionable web sites. In fairness, one should keep in mind, Google does the same thing regarding search results.
This tracking is considered by many of us in the security field, to be offensive.
Some of the "Download links" that I may provide, may also contain this program bundled with it. If you choose not to use it, the bundled software will always contain an "Opt Out" measure via some checkbox. The user can check (or uncheck) this box to prevent the download.
If a user isn't cautious and may have mistakenly installed this program, it can easily be removed via the "Uninstall" string provided with the software. Detailed instructions how to remove the program can be found Here.
If your antivirus program is a licensed version that is about to expire, you can consider using one of these available free on the public domain:
Microsoft Security Essentials
AntiVir Personal Edition Classic
Avast! 4 Home Edition
Those of us in the online safety/security community have tried and tested these programs to determine their abilities. Having in mind, nothing is ever a guarantee regarding computer security, these programs nevertheless, combined with the rest of these recommendations are certain to have an impact in helping to keep your system running free and clear. I personally have been satisfied from having tested and used each one of those at one time or another.
Immunize your browser by installing SpywareBlaster. What does it do?
- Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
- Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
- Restricts the actions of potentially unwanted sites in Internet Explorer.
Keep your anti-virus and spyware definitions up to date. Be sure to scan often.
Web of Trust (WOT) warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
- Green to go
- Yellow for caution
- Red to stop
WOT has an add-on available for both Firefox and IE.
Install the WinPatrol security monitor utility. WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. What I hear most from users is how much they like the startup control feature and its ease of use. Need help understanding something about WinPatrol? Here it is.
Below you can choose from several of the freeware Firewalls available on the public domain. Even though you may have a Firewall already installed, keep this list handy should you choose not to renew your subscription for whatever reason.
You should always have at least one (but not more than one) of these types of third party firewalls running on board:
Zone Alarm...Windows 2k/XP/Vista
Outpost Free
Comodo...I highly recommend this firewall, but it may just be best suited for advanced users.
Stay updated with the most recent Windows patches using Microsoft's Windows Update. Make it easy on yourself, and set this feature to Automatic.
Using an alternate browser can reduce your chance of certain infections installing themselves. I recommend installing Mozilla Firefox. If you don't already have "Firefox", please consider installing and using this browser for surfing.
If you still wish to use Internet Explorer, please make sure you install SpywareBlaster (from above) to protect you from most ActiveX infections.
Run CCleaner often. Please avoid using the "registry" cleaning feature of this utility unless you consider yourself an expert. Contrary to popular thought, the Windows Registry has no need of any "cleaning". I personally challenge anyone to show a substantial benefit from having used any of these "registry cleaning" programs. There is none. Any difference at all is so minuscule that it's nearly impossible to calculate.
On the flip side, rather than any benefit, there is the possibility of slicing out enough pieces of the registry to render things useless...and that includes the operating system.
By default, CCleaner will ask you if you want to back up what is removed, and I suggest you do just that. If you have already used this option and found that something no longer works properly, please find the backup that was created and use it to restore that particular item. Remember, using this to clean the disk is absolutely useful and beneficial. A novice needs only to use the disk cleaning feature...and avoid the registry cleaning aspect. It's not difficult...just don't bother to click the Registry button on the menu.
CCleaner is an excellent...and fast disk cleaning utility that can easily be configured to suit your needs. Often, users find a simple reboot resolves a quirky performance issue which can come about as a result of the collection of temp files while browsing the web...and if you configure CCleaner to run on start up, then your system could be kept running fast and clean with each new user session.
The Yahoo Toolbar is included by default during the installation of the CCleaner utility...if you DO NOT WANT IT, be sure to remove the check from the "Add CCleaner Yahoo! Toolbar and use CCleaner from your browser" option during installation setup or else just download the Slim version (no toolbar...last download link at the bottom of that page)...Or if you just want to run your on board Disk Cleanup ("Start-->Programs-->Accessories-->System Tools-->Disk Cleanup"), just open the utility and check off the following:
Downloaded Program Files, Temporary Internet Files, Recycle Bin, and Temporary Files.
So how did I get infected in the first place?
Regards, and Happy Surfing!