OK, we clean up tools from Laptop 2Step 1
Remove Combofix now that we're done with it
- Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
- Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
- Please follow the prompts to uninstall Combofix.
- You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.
The above procedure will delete the following:
It is very important that you get a successful uninstall because of the extra functions done at the same time, let me know if this does not happen.Step 2
- ComboFix and its associated files and folders.
- VundoFix backups, if present
- The C:_OtMoveIt folder, if present
- Reset the clock settings.
- Hide file extensions, if required.
- Hide System/Hidden files, if required.
- Reset System Restore.
- Download OTC by OldTimer and save it to your desktop. Alternative mirror
- Double click icon to start the program.
If you are using Vista or Windows 7, please right-click and choose run as administrator
- Then Click the big button.
- You will get a prompt saying "Begining Cleanup Process". Please select Yes.
- Restart your computer when prompted.
- This will remove tools we have used and itself. Any tools/logs remaining on the Desktop can be deleted.
We need to remove ESET Online Scanner.
- Click Start, click Run, type control appwiz.cpl in the Open box, and then press ENTER.
- Click to select ESET Online Scanner from the application list, and then click Remove. Only re-boot if prompted
Let me know if those steps completed OK, also if any remaining issues or concerns.
Regarding Laptop 1, we still need to flush the system restore cache and create a fresh clean RP. OK do this:
Please download OTM Alternative Mirror 1Alternative Mirror 2
- Save it to your desktop.
- Please double-click to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
- Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
- Return to OTM, right click in the window and choose Paste.
- Click button.
- Copy everything in the Results window (under the line) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTM and reboot your PC.
one more time, hit the "Clean Up"
Tab, accept any alerts, reboot if prompted....If no remaining issues you should be good to go on both laptops:
Here are some tips to reduce the potential for malware infection in the future:Make proper use of your antivirus and firewall
Antivirus and Firewall programs are integral to your computer security. However, just having them installed isn't enough. The definitions of these programs are frequently updated to detect the latest malware, if you don't keep up with these updates then you'll be vulnerable to infection. Many antivirus and firewall programs have automatic update features, make use of those if you can. If your program doesn't, then get in the habit of routinely performing manual updates, because it's important.
You should keep your antivirus and firewall guard enabled at all times, NEVER
turn them off unless there's a specific reason to do so. Also, regularly performing a full system scan with your antivirus program is a good idea to make sure you're system remains clean. Once a week should be adequate. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.
Install and use WinPatrol
This will inform you of any attempted unauthorized changes to your system.
WinPatrol features explained Here
You will have several programs installed, these maybe outdated and vulnerable to exploits also. To be certain, please run the free online scan by Secunia
, available Here
Before clicking the Start
scan button, please check the box for the option Enable thorough system inspection
. Just below the "Scan Options:" section, you'll see the status of what's currently processing....
...when the scan completes, the message "Detection completed successfully" will appear in the Programs/Result
section. For each problem detected, Secunia will offer a "Solution" option. Please follow those instructions to download updated versions of the programs as recommended by Secunia. Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a few good free alternatives: Firefox
All of these are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial HERE
which will help you to make IE MUCH
These browser add-ons
will help to make your browser safer:Web of Trust
warns you about risky websites that try to scam visitors, deliver malware or send spam. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous ones:
Available for Firefox
and Internet Explorer
to go, Yellow
for caution, and Red
Available for Firefox
helps to block malicious scripts and in general gives you much better control over what types of things webpages can do to your computer while you're browsing.
These are just a couple of the most popular add-ons, if you're interested in more, take a look at THIS
Here a couple of links by two security experts that will give some excellent tips and advice.So how did I get infected in the first place by Tony KleinHow to prevent Malware by Miekiemoes
Finally this link HERE
will give a comprehensive upto date list of free Security programs. To include - Antivirus, Antispyware, Firewall, Antimalware, Online scanners and rescue CD`s.
Don`t forget, the best form of defense is common sense. If you don`t recognize it, don`t open it. If something looks to good to be true, then it aint.
If no remaining issues are you OK for me to close out your thread,