Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus Xp 2008


  • Please log in to reply
12 replies to this topic

#1 Belldandy

Belldandy

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 13 August 2008 - 10:26 AM

Hi, I'm brand new. This is my first post. I'm not sure if this is where I'm supposed to post.

I stayed up all night getting rid of lots of bad things on my computer, and I'm not sure if I removed everything. AVG said I had Trojan Horse Agent.ZAK. I also noticed that I had Antivirus XP 2008. I always wondered where it it came from because I never installed it. The first thing I did was use Spybot-Search and Destroy. It did not remove either. I googled for help on both and came across a step by step post by Grinler, on this site, to remove Antivirus XP 2008. It worked, I think. And AVG eventually removed that trojan.

(Thank you, Grinler, for that awesome step by step!)

I ran Spybot-Search and Destroy, Malwarebytes'-Anti-Malware, and AVG Anti-Virus. I rebooted when told to. The 3 programs said I was cleaned up. ( I had a lot of infections, yikes!) All 3 detected different threats! I'm glad I ran them.

The reason I'm not sure if the Antivirus XP 2008 is totally removed is because when I click the start button, that window slides up and I see Antivirus XP 2008, and I also see Register Antivirus XP 2008 there. I believe that they are shortcuts. When I right click them, the window opened and I chose Scan with Malwarebytes' Anti-Malware. It said nothing detected. So can I right click them and choose the Remove from this list?

I'm not very good with computers. I hope I explained well enough. My brain is foggy...I only slept 2 hours.

Thank you for your help.

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,467 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 AM

Posted 13 August 2008 - 10:57 AM

So can I right click them and choose the Remove from this list?

Yes.

Also you can post the results of your MBAM scan for my review.

Launch MBAM.
Click the Logs Tab at the top.
mbam-log-7-18-2008(09-52-04).txt should show in the list. <- your dates will be different from this exampe
Click on the log name to highlight it.
Go to the bottom and click on Open.
The log should automatically open in notepad as a text file.
Go to Edit and choose Select all.
Go back to Edit and choose Copy or right-click on the highlighted text and choose copy from there.
Come back to this thread, click Add Reply, then right-click and choose Paste.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Belldandy

Belldandy
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 13 August 2008 - 11:38 AM

Thank you for the quick reply, quietman7! And thank you for that great step by step! I copied and pasted the 3 logs. I haven't clicked Remove From This List yet. I'm waiting to see your reply before I do anything. :thumbsup:







Malwarebytes' Anti-Malware 1.24
Database version: 1047
Windows 5.1.2600 Service Pack 3

4:38:21 AM 8/13/2008
mbam-log-8-13-2008 (04-38-21).txt

Scan type: Quick Scan
Objects scanned: 57625
Time elapsed: 19 minute(s), 45 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 5
Registry Keys Infected: 5
Registry Values Infected: 6
Registry Data Items Infected: 1
Folders Infected: 12
Files Infected: 17

Memory Processes Infected:
C:\Program Files\rhc96fj0ev43\rhc96fj0ev43.exe (Rogue.Multiple) -> Unloaded process successfully.

Memory Modules Infected:
C:\Program Files\rhc96fj0ev43\MFC71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc96fj0ev43\MFC71ENU.DLL (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc96fj0ev43\msvcp71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc96fj0ev43\msvcr71.dll (Rogue.Multiple) -> Delete on reboot.
C:\WINDOWS\system32\blphcc6fj0ev43.scr (Trojan.FakeAlert) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc96fj0ev43 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc96fj0ev43 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc96fj0ev43 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcc6fj0ev43 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger) -> Data: kdugt.exe -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\rhc96fj0ev43 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\rhc96fj0ev43\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\kdugt.exe (Rootkit.DNSChanger) -> Delete on reboot.
C:\Program Files\rhc96fj0ev43\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc96fj0ev43\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc96fj0ev43\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc96fj0ev43\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc96fj0ev43\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc96fj0ev43\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc96fj0ev43\rhc96fj0ev43.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc96fj0ev43\rhc96fj0ev43.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc96fj0ev43\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008.lnk (Rogue.AntivirusXP) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Desktop\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcc6fj0ev43.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcc6fj0ev43.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcc6fj0ev43.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphcc6fj0ev43.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.


Malwarebytes' Anti-Malware 1.24
Database version: 1047
Windows 5.1.2600 Service Pack 3

10:09:50 AM 8/13/2008
mbam-log-8-13-2008 (10-09-50).txt

Scan type: Quick Scan
Objects scanned: 1
Time elapsed: 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





Malwarebytes' Anti-Malware 1.24
Database version: 1047
Windows 5.1.2600 Service Pack 3

10:10:28 AM 8/13/2008
mbam-log-8-13-2008 (10-10-28).txt

Scan type: Quick Scan
Objects scanned: 1
Time elapsed: 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,467 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 AM

Posted 13 August 2008 - 12:08 PM

I haven't clicked Remove From This List yet

Go ahead and do that.

Then lets do another scan to see if we find anything else that MBAM may have missed.

Please download ATF Cleaner by Atribune & save it to your desktop. alternate download link DO NOT use yet.
Please download and install SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here and unzip into the program's folder.)
  • Under the "Configuration and Preferences", click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Belldandy

Belldandy
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 13 August 2008 - 01:06 PM

I just removed them from the list. :thumbsup:

Wow, I need to do all that? Okay, but I can't do that right now. I have a few errands that I HAVE to run off to do now. I'll do it this evening. Check back with me later? Thank you sooooo much for your help.

Oh, I almost forgot. My brother had "locked" my computer with a password because I have 3 young children, 5 year old is my oldest, that would always mess with the computer. After I "fixed" my computer this morning, it no longer requires a password. Did fixing the threats on my computer remove it? How do I put a lock on it again? And if that was removed, could it have removed other things that I wouldn't know? Or did it not remove but turned off? Do I make sense? Sorry, I have to go.

I'll come back later tonight.

Thanks again...

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,467 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 AM

Posted 13 August 2008 - 01:51 PM

I don't know what password program your brother gave you to use (there are many of them) so you probably should check with him. It could be a stand-alone program or one that was installed. Either case he will know where to look for it and help you get the machine password protected again.

The program could have been detected as malware and may have been deleted by one of your earlier scans. Without knowing the name of the exact program and files it uses, its hard to tell if that was the case.

Security tools will not remove legit applications unless they find a file has become infected or the detection is a "false positive". If that is the case, then you would need to advise the vendor of the program that removed it and reinstall the application after they fixed the detection unless there is a way to tell it to "ignore" that program.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Belldandy

Belldandy
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 13 August 2008 - 09:02 PM

I'm back for just a few seconds. I did the quick scan with Malwarebytes and everything was good. Did you want me to do the full scan? I've never done that one.

I downloaded ATF to the desktop. And I'll come back to try to do the rest. It's been a very long day, we got home later than expected, and we are eating dinner now. After I put the kids down to bed, I'll see if I can figure out your instructions. :thumbsup:

I'll call my brother tomorrow.

Be back in later...

#8 Belldandy

Belldandy
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 14 August 2008 - 02:42 AM

Whew, that took a while. I was a bit unsure of some of the instructions, but I think it worked.

When I went into safe mode, it scared me because it did strange things before I was "in". I didn't know what to expect. And there was no beep. I had to restart it again and guess when to push F8. And after I pushed F8, I thought, oh crap, what did I do? But I got in. I don't know why there was no beep. I remember there used to be a beep at one point. Does it matter that there is no longer a beep?

I assume that I was supposed to run Scan with SUPERAntiSpyware in safe mode as well?

Here is the log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/14/2008 at 01:45 AM

Application Version : 4.15.1000

Core Rules Database Version : 3536
Trace Rules Database Version: 1525

Scan type : Complete Scan
Total Scan Time : 01:35:36

Memory items scanned : 177
Memory threats detected : 0
Registry items scanned : 6116
Registry threats detected : 0
File items scanned : 56634
File threats detected : 1

Trojan.Unknown Origin
C:\RECYCLER\NPROTECT\00867453.BMP



Any thing else I should do now?



Now to bombard you with lots of questions...sorry, but this board has been a HUGE HELP for a "computer dummy." :trumpet: And some of the questions may not belong here:

When it rebooted, Automatic Updates window popped up and said that Windows found 15 updates. Do I update? I always have in the past...could it ever be unsafe?

As instructed, I've downloaded a few things. How much space do they take? Do I keep them all? How often do I use them? How do I know what to use? What order? Safe mode or regular mode?

When I used Spybot-Search & Destroy, I wasn't sure how to use it. Could you give me a step by step procedure? And when do I use that? How do I decide which program to run?

How do I surf the net safely? I picked up that trojan horse Agent.Zak when I was googling for spiderman bedding for my 4 year old...when I clicked a link, it wasn't what it said it was, and I was infected. Scared the ba-jeebies out of me! Thank goodness for this site!

Protection? Firewalls? Security setting? Etc.? Any suggestions? We use AT&T Uverse as our internet provider, and they have a firewall built into their modem. Is that enough? I didn't realize that I had so many infections, is it safe to do banking online or shopping online?

My desktop has a lot of icons now. How do I clean it up? I still want everything, but maybe not on the desktop. I'll do whatever you want me to do with the programs you had me download.

And lastly, how do you back up or save files or programs to a disc? Is that considered the same?

Sorry for all those questions. Any help would be much appreciated, and no big hurry.

You've been a great help. :flowers: Thank you so much! :thumbsup:

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,467 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 AM

Posted 14 August 2008 - 10:09 AM

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

When it rebooted, Automatic Updates window popped up and said that Windows found 15 updates. Do I update? I always have in the past...could it ever be unsafe?

Yesterday was patch Tuesday so Microsoft released a number of updates. You need to download and install them.

As instructed, I've downloaded a few things. How much space do they take? Do I keep them all? How often do I use them? How do I know what to use? What order? Safe mode or regular mode?

I recommend keeping both SUPERAntispyware and MBAM which IMO right now are both more effective than Ad-aware or Spybot S&D. Neither of them take up that much space. You should use them as part of your weekly anti-malware scanning maintenance. MBAM is intended to be run in normal mode. SAS can be run in either normal or safe mode. I prefer safe mode.

Why use safe mode? The Windows operating system protects files when they are being accessed by an application or a program. Malware writers create programs that can insert itself and hide in these protected areas when the files are being used. Using "Safe Mode" reduces the number of modules requesting files to only the essentials to make your computer functional. This in turn reduces the number of hiding places for malware, making it easier to find and delete the offending files when performing scans with anti-virus and anti-malware tools. In most cases, performing your scans in "Safe Mode" speeds up the scanning process.

"Beginners Guides: Windows XP Safe Mode Explained"
"What is 'Safe Mode' used for and why?"

When I used Spybot-Search & Destroy, I wasn't sure how to use it. Could you give me a step by step procedure? And when do I use that?

Spybot Tutorial
Using Spybot S&D

How do I surf the net safely?

For Tips to protect yourself against malware and reduce the potential for re-infection, be sure to read:
"Simple and easy ways to keep your computer safe".
"How did I get infected?, With steps so it does not happen again!".
"Best Practices - Internet Safety for 2008".
"Hardening Windows Security - Part 1 & Part 2".
"IE Recommended Minimal Security Settings" - "How to Secure Your Web Browser".

Protection? Firewalls? Security setting? Etc.? Any suggestions? We use AT&T Uverse as our internet provider, and they have a firewall built into their modem. Is that enough?

BC's Freeware Replacements For Common Commercial Apps
BC's List of Virus & Malware Resources.

I don't know anything about your ISP built-in firewall. Keep in mind that using two software firewalls on a single computer could cause issues with connectivity to the Internet or other unexpected behavior. Further, running multiple software firewalls can cause conflicts that are hard to identify and troubleshoot. Only one of the firewalls can receive the packets over the network and process them. Sometimes you may even have a conflict that causes neither firewall to protect your connection. However, you can use a hardware firewall (your router) and a software firewall (Kerio or ZoneAlarm) in conjunction. For more information see "The Differences and Features of Hardware & Software Firewalls", "Choosing a Firewall: Hardware v. Software" and "Comparing Firewall Features".

Choosing a firewall is a matter of personal preference, your technical experience, features offered, the amount of resources utilized, how it may affect system performance and what will work best for your system. A particular firewall that works well for one person may not work as well for another. You may need to experiment and find the one most suitable for your use.

...is it safe to do banking online or shopping online?

Yes, as long as you're careful, use common sense, practise safe surfing habits and are well protected security wise. If you use gaming sites, then I would not use the same computer for banking or shopping.

My desktop has a lot of icons now. How do I clean it up?

How to Organize and clean up your desktop icons

how do you back up or save files or programs to a disc? Is that considered the same?

How to use the Backup utility that is included in Windows XP to back up files and folders
Windows XP Backup Made Easy
How to choose an external storage format for backup files
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Belldandy

Belldandy
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 14 August 2008 - 12:54 PM

Thank you so much for all your help and answers! I'll work on this as I get the time.

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,467 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 AM

Posted 14 August 2008 - 01:13 PM

You're welcome. :thumbsup:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 Belldandy

Belldandy
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 14 August 2008 - 02:15 PM

Then use Disk Cleanup to remove all but the most recently created Restore Point.
Go to Start > Run and type: Cleanmgr
Click "Ok".
Click the "More Options" Tab.
Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.



This is what I did:
Go to Start > Run and type: Cleanmgr
Click "Ok".
Click the "More Options" Tab.
Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

I clicked "Clean Up" in the System Restore section, but how do I know that it did it? It didn't look like anything happened.

Was I supposed to click Disk Cleanup and follow those directions too, or is it the same?

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,467 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 AM

Posted 14 August 2008 - 02:43 PM

You click on the Clean up... button under More Options > System Restore.
Click Ok when done and you will be prompted "Are you sure you want to perform these actions?
Click Yes.

And the files will be removed automatically. These files are kept in the System Volume Information folder which is hidden by default so you won't see anything unless you have Windows reconfigured to show hidden files and folders.

Click the blue Clean DiskCleanup link in my previous post for a screenshot.

Edited by quietman7, 14 August 2008 - 02:43 PM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users