The good news is the file size is so small that it will not contain any malicious code. Your computer now looks clean so let's tidy up. If the settings.dat file is still there after we've tidied up, I suggest renaming it to settings.dat.old and see if anything complains. You can simply rename the file back to settings.dat. If nothing complains after a while, then drop it into the Recycle Bin.
Please let me know if you are experiencing any other problems with the computer before undertaking the following.
1 - Delete ComboFix
Click Start > Run > type combofix /uninstall > OK (Note the space between combofix and /uninstall)
Please advise if this step is missed for any reason as it performs some important actions.
Note: If your protection programs give any warnings, please allow ComboFix to run.
2 - Clean Up
Please download OTC from >here<
Click the OTC icon and then click the CleanUp button.
Please OK any warnings and let the program proceed its clean up routine.
At the end the program will ask to let it reboot the computer. Let it do so.
Let me know if there were any problems with OTC.
3 - Protection Programs
Don't forget to re-enable any protection programs you may have disabled during your fix.
4 - General Security and Computer Health
Below are some steps to follow in order to dramatically lower the chances of reinfection.
You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.
- Make sure that you keep your antivirus updated
New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software. Good antivirus programs will update themselves as least daily.
Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
- Install and use a firewall with outbound protection
The Windows XP firewall only monitors incoming traffic, NOT outgoing. Using a software firewall in its default configuration to replace the Windows firewall greatly reduces the risk of your computer being hacked. Make sure your firewall is always enabled while your computer is connected to the internet.
Note: You should only have one firewall installed at a time. Having more than one firewall installed at once is likely to cause conflicts and may well decrease your overall protection as well as seriously impairing the performance of your PC.
- Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC.
Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the >Microsoft Update site< on a regular basis.
Note: The update process uses ActiveX, so you will need to use Internet Explorer and allow the ActiveX control to install.
- Update Non-Microsoft Programs
Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the >Secunia Software Inspector< - I suggest that you run it at least once a month
- Make Internet Explorer More Secure
Click Start > Run > type inetcpl.cpl > OK
Click on the Security tab
Click Reset all zones to default level
Make sure the Internet Zone is selected and click Custom level
In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
Next Click OK, then Apply button and then OK to exit the Internet Properties page.
Further information for IE7 can be found >here<
Next, if they're not already present, I would recommend the download and installation of some or all of the following programs, and the updating of them on a regular basis:
Anti-Spyware is NOT the same thing as antivirus. Different anti-spyware programs detect different things so having more than one program is OK however you should only have ONE program running and use others 'on demand'. Having more than one running *may* cause conflicts but will certainly slow the computer down.
Malwarebytes' Anti-Malware: >Information< and is available from >here<
Spybot Search & Destroy: >Information< and is available from >here<
a-squared Free: >Information< and is available from >here<
Note: If you have a dialup internet connection, you may also like to install >a-squared Anti-Dialer< which provides some real time protection against premium rate dialers.
These programs are designed to help stop malware getting on to your computer. Each does a different job so having more than one is OK.
WinPatrol: As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. >Information<, >features<, and >download<
Hosts File: For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is >here< and for more information regarding host files read >here<
SpywareBlaster: SpywareBlaster sets killbits in the registry to prevent known malicious ActiveX controls from installing on your computer. If you don't know what ActiveX controls are, see >here< and you can download SpywareBlaster from >here<
- Cleaning Temporary Internet Files and Tracking Cookies
Temporary Internet Files are mainly the files that are stored on your computer when you open a web page. If the web site you visit is of a dubious nature or has been hacked, the files can be an entry point for malware. It is a good idea to empty the Temporary Internet Files folder on a regular basis.
Tracking Cookies are files that web sites use to monitor which sites you visit, when, and how often. Some anti-spyware scanners pick up these tracking cookies and flag them as unwanted.
CAUTION:- If you delete all your cookies, you will lose any autologin information for web sites that you visit, and will need to re-enter your passwords for those sites.
Both temporary internet files and tracking cookies can be cleaned manually but a quicker option is to use a program:
>ATF Cleaner< Free and very simple to use.
>CCleaner< Free and very flexible, you can choose which cookies to keep.
- It is absolutely essential to keep all of your security programs up to date.
I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.