Welcome to MalwareRemoval.com, What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.
Hi Vino Rosso, no-one is logged in the computer after myself. No-one is logged into the 'Barbara' account, which is a limited account. Anyway, SpybotS&D did not find anything relevant (only a few IE cookies). Also the major threath (CARPEDIEM VARS dialer) disappeared. I attach, to whom it may concern, the last log from ClamAV and I test now Windows, following a every-day-use style. I hope everything will be fine. I thank you for your kind collaboration and invaluable effort. Sincerely,
You do not have the required permissions to view the files attached to this post.
Your log now appears to be clean. Congratulations!
Please let me know of any problems before continuing with the following.
1 - Delete ComboFix and Clean Up Click Start > Run > type combofix /u > OK (Note the space between combofix and /u) Please advise if this step is missed for any reason as it performs some important actions. Note: If your protection programs give any warnings, please allow ComboFix to run.
2 - General Security and Computer Health Below are some steps to follow in order to dramatically lower the chances of reinfection You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.
Clear Infected System Restore Points
Turn System Restore off
On the Desktop, right click on the My Computer icon.
Click the System Restore tab.
Check Turn off System Restore on all drives.
Click Apply, and then click OK.
Restart your computer
Turn System Restore on
On the Desktop, right click on the My Computer icon.
Click the System Restore tab.
Uncheck Turn off System Restore on all drives.
Click each drive in turn where system restore is not required and click Settings
Check Turn off system restore on this drive, click Yes then click OK.
Note: only do this once, and not on a regular basis
Make sure that you keep your antivirus updated New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software. Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
Install and use a firewall with outbound protection The Windows firewall only monitors incoming traffic, NOT outgoing. Using a software firewall in its default configuration to replace the Windows firewall greatly reduces the risk of your computer being hacked. Make sure your firewall is always enabled while your computer is connected to the internet. Note: You should only have one firewall installed at a time. Having more than one firewall installed at once is likely to cause conflicts and may well decrease your overall protection as well as seriously impairing the performance of your PC.
Security Updates for Windows, Internet Explorer & Microsoft Office Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the >Microsoft Update site< on a regular basis. Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.
Update Non-Microsoft Programs Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the >Secunia Software Inspector< - I suggest that you run it at least once a month
Make Internet Explorer More Secure Click Start > Run > type inetcpl.cpl > OK Click on the Security tab Click Reset all zones to default level Make sure the Internet Zone is selected and click Custom level In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable". Next Click OK, then Apply button and then OK to exit the Internet Properties page. Further information for IE7 can be found >here<
Next, if they're not already present, I would recommend the download and installation of some or all of the following programs, and the updating of them on a regular basis:
WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit >here<
SpywareBlaster SpywareBlaster sets killbits in the registry to prevent known malicious ActiveX controls from installing on your computer. If you don't know what ActiveX controls are, see >here< You can download SpywareBlaster from >here<
Spybot Search & Destroy Instructions are located >here< Make sure you update, reimmunize and scan regularly
Hosts File For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is >here< and for more information regarding host files read >here<
a-squared Free a-squared free is a product from Emsi Software, provided free for private use, that can detect and remove a variety of malicious software. You can get it >here< Note: If you have a dialup internet connection, you may also like to install >a-squared Anti-Dialer< which provides some real time protection against premium rate dialers
Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date
I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.
Hi Vino Rosso, I followed Your kind advice through point f. and everything seems stable and fine. At the moment I will NOT load any more security program and I will trust only Spybot and ClamAV. By the way, I also configured properly the CD burner, which gave me a lot of troubles in the past, reading some documentation about administrative tasks in WXPPro, and I learned a bunch of useful infos on computer protection. So it is safe to positively close this thread. A last notice: I will donate some bucks to the Spybot project, which helped me A LOT; can you give an advice about another program which is worth donate to? You worked for me, Vino, without a fee, so I think it is correct to give a SMALL amount of money to a safety project following Your advice. Of course, You can just accept my heartful THANK YOU. Peace be upon You.
Another excellent program is >WinPatrol<. It's not so much a scanner but a monitor. I believe it would be a good addition to your setup. "WinPatrol uses a heuristic behavioral approach to detecting attacks and violations of your computing environment. Traditional security programs scan your hard drive searching for previously identified threats. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge."
Finally, all helpers here are volunteers and do not accept any payment for the help we provide. The forum hosting however is not free and we do rely on donations to keep us online. If you wish to donate, no matter how small, it would be greatly appreciated. >Malware Removal Donations Page< or click 'Support Us' at the top of the page.
Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.