BleepingComputer.com: Malware/Adware Sypware problems

Hi,

Click start -> type regedit and press enter (agree permission prompt). On the tree navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services branch and see if WinDefend exists there. Report back your findings.

looks like its missing

RJ

Hi,

Download the attached fix.zip file and extract its contents to your desktop. Double-click the extracted .reg file and allow merging when prompted. Reboot and see if Windows Defender works any better.

Hi

Windows defender working. Anything else i should do now?

RJ

Good. Are there any issues remaining?

Not really. The mediaget program i removed using Revo still has a folder in my programs menu. However i believe everything relating to it has been removed.

No virus/malware issues as far as i can tell.

RJ

Hi,

Quote

Right click on the folder and select delete. Should take care of that.


If no other issues, it's time to secure your system to prevent against further intrusions.


THESE STEPS ARE VERY IMPORTANT

Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

A To disable the System Restore feature:

1. Click on the Start button.
2. Hover over the Computer option, right click on it and then click Properties.
3. On the left hand side, click Advanced Settings.
4. If asked to permit the action, click on Allow.
5. Click on the System Protection tab.
6. Uncheck any checkboxes listed for your hard drives.
7. Press OK.


B. Reboot.

C Turn ON System Restore.
Follow the steps like you did when disabling system restore but on step 6. check any checkboxes listed for your hard drives.



Now lets uninstall ComboFix:

• Click START then RUN
  
• Now copy-paste Combofix /uninstall in the runbox and click OK

UPDATING WINDOWS AND INTERNET EXPLORER

IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.

If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.

Make your Internet Explorer more secure

This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.


Download and run Secunia Personal Software Inspector (PSI) and fix its findings.


Just a final reminder for you. I am trying to stress these two points.
UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.
Make sure all of your security programs are up to date.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Once again, please post and tell me how things are going with your system... problems etc.

Have a great day,
Blade

Ok all done,

Anything else to finish off. I seem to remember some of the initial steps taken needed to be reversed on completion?

Blade you truly have been amazing help.

RJ

You're welcome

Quote

That should be all. If DDS and GMER tool are still on your desktop then you may delete those.

posted to wrong topic. please ignore.

This post has been edited by Blade81: 24 May 2011 - 10:45 AM
Reason for edit: posted to wrong topic *oops*

Should i go ahead and install microsoft security essentials?

Should i enable the cd emulation driver stuff. Not sure if i had any in the first place???

I have removed symantec and the mcafee i have now expired years ago though i update the free software.


Other than that i think i'm all done and you can close the loop if you want.

Many thanks for all your efforts.

RJ

Hi,

Quote

That would be a good option

Some other good free antivirus programs are:
Antivir and
Avast!

Good commercial ones are from:
Kaspersky and
ESET

Quote

Yes, if you ran the tool earlier to disable that.

cool, all done

thanks again

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.