Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Cant seem to find the Problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Cant seem to find the Problem

Unread postby Baowolfe » January 27th, 2006, 7:42 pm

Hi There

I Play a game calld ROSE online and since they introduced a program called nProtect i seem to always get disconnected they suggested many things in there tech support section " Viruses/Spyware Adware Hacking Tools and Such " i have dun everything they asked and am still getting the same problems they suggested your expertees on this matter i used my Virus scanner and found nothing then used a suggested program "BullGuard" and found many problems and fixed them also was told to post a log of my HijackThis test Here it is

Logfile of HijackThis v1.99.1
Scan saved at 6:18:33 PM, on 1/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\BullGuard Software\BullGuard\bullguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
D:\System Restore\Vir and Spy Ware Tools\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.roseonlinegame.com/
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe"
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nPro ... /npkcx.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard, Ltd. - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe

any help would be amazing
Patiently awaiting your reply
User avatar
Baowolfe
Active Member
 
Posts: 3
Joined: January 27th, 2006, 7:23 pm
Advertisement
Register to Remove

Unread postby Rogue » January 27th, 2006, 8:49 pm

Hi Baowolfe,

Welcome to the Malware Removal forums. I will be more than happy to help you work on your problems.
Please give me some time to review your log as this can be a lengthy process. As soon as a MR Staff Expert reviews my fix, I will post it for you.
In the mean time, if any problems occur. Please let me know.
Please only use this topic to reply to. Do not start another thread.
The fixes we will use are specific to your problems and should only be used for this issue on this machine.
If you’re unsure of anything at all please stop and ask!


Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Rogue » January 29th, 2006, 11:39 am

Hi Baowolfe,

There is an exploit associated with nProtect. http://www.frsirt.com/english/advisories/2005/0386
Upgrade to nProtect Netizen version 2005.4.20.1

I would like you to do some scans that will tell me more.

===========

Please show me an uninstall of programs in your next post.
This is how you do that:
• Open HiJackThis
• Click on the tab "Open the Misc Tools Session"
• Click on the Box that says "Uninstall Manager"
• Click on the button "Save list"
• Copy and past the List from notepad into your post
==========

You may already have some of these but please make sure that they are updated and configured as below:

Spybot S&D is available from here.

Download and Install Spybot S&D (if you haven't already), accept the Default Settings
In the Menu Bar at the top of the Spybot window you will see Mode.
Make certain that 'Default Mode has a check mark beside it.
Close ALL windows except Spybot S&D
Click the button to ‘Search for Updates’ then download and install the updates.
Next click the button ‘Check for Problems'
When Spybot is complete, it will be showing ‘RED’ entries bold 'BLACK' entries and ‘GREEN’ entries in the window
Make certain there is a check mark beside all of the RED entries ONLY.
Choose ‘Fix Selected Problems’ and allow Spybot to fix the RED entries.
REBOOT normally to complete the scan and clear memory.
==========

Download and install Ewido Anti-Malware

During the installation, uncheck the following under Additional Options:
Install background guard
Install scan via context menu

Check for updates

Run ewido Malware Remover

Click on Scanner
Click on Complete System Scan and the scan will begin.
While the scan is in progress you will be prompted to clean files, click OK
Select "none" as the action. DO NOT check "Perform action with all infections ". If you are unsure of an entry, select "none" for the time being.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report - click it.
Save the report.txt file to your desktop.

Now close ewido security suite.

Warning: While the scan is in progress, DO NOT open any folders or the Windows Control Panel !!
==========

Run an online virus scan called Kapersky from here.

1. Click on "Kapersky Online Scanner"
2. A new smaller window will pop up. Press on "Accept". After reading the contents.
3. Now Kapersky will update the anti-virus database. Let it run.
4. Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.
5. Then click on "My Computer". And the scan will start.
6. Once finished, save a log as ".txt" to the desktop. And restart.
========

Please post a new HJT log
Post ewido report
Post .txt file from Kapersky
Post Uninstall list
Depending on the size of these reports you may need to use mutiple posts.

Thanks,

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Baowolfe » January 29th, 2006, 1:16 pm

I Have since done a Full Format and reinstall of Windows but the problem still persists so i am enclosing another Hijack this Proces list ad the Uninstal list you asked for

Heres the Process list

Logfile of HijackThis v1.99.1
Scan saved at 12:14:51 PM, on 1/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\npkagt.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\System Restore\Vir and Spy Ware Tools\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.roseonlinegame.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8458219834
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nPro ... en/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nPro ... /npkcx.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe

And heres the Uninstall list you asked for

ATI - Software Uninstall Utility
ATI Display Driver
HijackThis 1.99.1
Hotfix for Windows XP (KB896344)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
nProtect KeyCrypt
Rose Online
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900930)
Update for Windows XP (KB910437)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2

Hope you can find the problem
User avatar
Baowolfe
Active Member
 
Posts: 3
Joined: January 27th, 2006, 7:23 pm

Heres the Data you asked for

Unread postby Baowolfe » January 30th, 2006, 1:18 am

I Have dun all the tests and deleted the infected files but here are the lists you asked for

Hijack This Log

Logfile of HijackThis v1.99.1
Scan saved at 12:09:18 AM, on 1/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
D:\System Restore\Vir and Spy Ware Tools\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.roseonlinegame.com/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/ ... nicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8458219834
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nPro ... en/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - http://nprotect.roseonlinegame.com/nPro ... /npkcx.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

Hijack This Uninstall List
ATI - Software Uninstall Utility
ATI Display Driver
ewido anti-malware
HijackThis 1.99.1
Hotfix for Windows XP (KB896344)
Kaspersky On-line Scanner
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
Spybot - Search & Destroy 1.4
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900930)
Update for Windows XP (KB910437)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2

EWidow Scan Report

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 10:53:33 PM, 1/29/2006
+ Report-Checksum: B0C339AD

+ Scan result:

C:\Documents and Settings\Baowolfe\Cookies\baowolfe@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Baowolfe\Cookies\baowolfe@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\Baowolfe\Cookies\baowolfe@stat.onestat[2].txt -> Spyware.Cookie.Onestat : Cleaned with backup
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018622.dll -> Spyware.NewDotNet : Cleaned with backup
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018623.dll -> Spyware.Quick : Cleaned with backup
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018624.exe -> Spyware.MyWebSearch : Cleaned with backup
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018627.exe/2 -> Spyware.Chiem : Cleaned with backup
D:\From Lynders Comp\Stuffses\Lynder Games\Tumblebugs\BeetleBompSetup-dm.exe -> Adware.Trymedia : Cleaned with backup


::Report End

Kaspersky Scan Results

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, January 29, 2006 23:56:49
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 30/01/2006
Kaspersky Anti-Virus database records: 163250
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 50364
Number of viruses found: 3
Number of infected objects: 22
Number of suspicious objects: 0
Duration of the scan process: 3146 sec

Infected Object Name - Virus Name
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018651.exe/WISE0020.BIN Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018651.exe Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018652.exe/WISE0019.BIN Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018652.exe/WISE0021.BIN/EXE-file/data0001/EXE-file Infected: Trojan-Downloader.Win32.Agent.ic
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018652.exe/WISE0021.BIN/EXE-file/data0001/EXE-file Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018652.exe/WISE0021.BIN/EXE-file/data0001 Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018652.exe/WISE0021.BIN/EXE-file Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018652.exe/WISE0021.BIN Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018652.exe Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018653.exe/WISE0019.BIN Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018653.exe/WISE0021.BIN/EXE-file/data0001/EXE-file Infected: Trojan-Downloader.Win32.Agent.ic
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018653.exe/WISE0021.BIN/EXE-file/data0001/EXE-file Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018653.exe/WISE0021.BIN/EXE-file/data0001 Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018653.exe/WISE0021.BIN/EXE-file Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018653.exe/WISE0021.BIN Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018653.exe Infected: Trojan-Downloader.Win32.Agent.gn
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018654.exe/WISE0020.BIN Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018654.exe Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018656.exe/WISE0020.BIN Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018656.exe Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018657.exe/WISE0020.BIN Infected: Trojan-Downloader.Win32.Agent.er
D:\System Volume Information\_restore{3B987EF0-7D11-47C2-A3C0-58486DA3A553}\RP157\A0018657.exe Infected: Trojan-Downloader.Win32.Agent.er

Scan process completed.

I have restarted my PC in Safe Mode and Opened D:\System Volume Information and deleted al the folders in this folder as they were all infected as you can see then rebooted the PC in normal mode after emptying the Trash Bin

Here ya go if there is anything else you need you know where to find me
User avatar
Baowolfe
Active Member
 
Posts: 3
Joined: January 27th, 2006, 7:23 pm

Unread postby Rogue » January 30th, 2006, 9:51 pm

Hi Baowolfe,

Were you able to upgrade to nProtect Netizen version 2005.4.20.1?
There is an exploit associated with nProtect. http://www.frsirt.com/english/advisories/2005/0386

Your log looks free of any malware except for what’s left over in your system restore.

Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

----------
Restart your computer
----------

Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Un-Check Turn off System Restore.
Click Apply, and then click OK.
==========

Since you are free of any malware this is really sounding like a configuration problem. PCPitStop is one place that might be able to help you http://www.pcpitstop.com or at http://www.computertrouble.co.uk
If your machine is a Dell I would invite you to visit their community forum located here

But to help protect you against further infections, and also to help prevent criminals using your computer to infect other people's computers on the web, I recommend the following: (You may already have some of the items) As I did not see any firewall or Anti-Virus in your last two posts please consider one of the programs listed below.

[*]Make your Internet Explorer more secure - This can be done by following these simple instructions:
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    1. Change the Download signed ActiveX controls to Prompt
    2. Change the Download unsigned ActiveX controls to Disable
    3. Change the Initialise and script ActiveX controls not marked as safe to Disable
    4. Change the Installation of desktop items to Prompt
    5. Change the Launching programs and files in an IFRAME to Prompt
    6. Change the Navigate sub-frames across different domains to Prompt
    7. When all these settings have been made, click on the OK button.
    8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
  5. Next press the Apply button and then the OK to exit the Internet Properties page.
[*]Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. See this link for a listing of some on line & their stand-alone anti virus programs:
Click here for more information on -> Computer Safety On line - Anti-Virus

I would recommend Grisofts© AVG or AVAST©. As these are the more secure and since they will block both in and out traffic.

[*]Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.

[*]Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For an article on Firewalls and a listing of some available ones see the link below:
Click here for more information on -> Computer Safety On line - Software Firewalls

I would recommend ZoneAlarm© as a firewall as it's easy to use. But for a more secure firewall, Sunbelts Kerio© is the one.

[*]Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Set up system to ensure a regular update of the Operating System.

Automatically:
  1. On the Desktop, right-click My Computer.
  2. Click Properties.
  3. Click on Automatic Updates
  4. Check the option of choice (I use Automatic (Recommended)). If you use dial-up I would recommend using the
    Notify Me option so that you can download when you can afford the time and bandwidth overheads.
  5. Select the Day/Time of choice
  6. Click Apply
  7. Click OK


Next, if they're not already present, I would recommend the download and installation of some or all of the following programs (all free), and the updating of them regularly

[*]Install Spybot© - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here: Click here for more info -->Instructions for - Spybot S & D and Ad-aware

[*]Install Lavasofts© Ad-Aware - Install and download Ad-Aware. You should also scan your computer with the program on a regular basis just as you would an anti virus software in conjunction with Spybot. A tutorial on installing & using this product can be found here: Click here for more info -->Instructions for - Spybot S & D and Ad-aware

[*]Install Javacools© SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer and Firefox settings and that will protect you from running and downloading known malicious programs. A article on anti-malware products with links for this program and others can be found here: Click here for more info -->Computer Safety on line - Anti-Malware

[*]Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and you are less susceptible to attacks.

Safe Surfing,

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Nick-YF19 » February 5th, 2006, 7:57 am

Glad we could be of assistance.

This topic is now closed. If you wish it
reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.


You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid,
working link to the closed topic is required along with the user name used.
If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Nick-YF19
Admin/Teacher Emeritus
 
Posts: 4036
Joined: May 17th, 2005, 12:42 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 61 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware