This is my general post for when your logs
show no signs of malware
- Time for some housekeepingClean up with OTL
You can now delete any tools we used if they remain on your Desktop. Protection Programs
- Double-click OTL.exe to start the program, This tool will remove all the tools we used to clean your pc.
- Close all other programs apart from OTL as this step will require a reboot
- On the OTL main screen, press the CleanUp! button
- Say Yes to the prompt and then allow the program to reboot your computer.
Don't forget to re-enable any protection programs we disabled during your fix. General Security and Computer Health
Below are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.
- Clear Old System Restore Points
For Windows Vista and Windows 7:
- Click start, type Disk Cleanup in the search box
- Right-Click Disk Cleanup and select "Run as Administrator" and accept the UAC elevation prompt.
- Select the drive where Windows is installed (if you have more than one drive) and click "OK".
- When the scan completes, check/uncheck desired boxes.
- Next, please click the More Options tab at the top.
- Click the "Clean up..." button under the "System Restore and Shadow Copies" section at the bottom.
- Click Delete in response to the question "Are you sure you want to delete all but the most recent restore point?", click OK and answer Yes again.
- The disk clean up utility will remove the selected items. When it completes, please restart the computer to properly record the changes made to the hard disk.
- Set correct settings for files
- Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
- Under Hidden files and folders if necessary select Do not show hidden files and folders.
- If unchecked please check Hide protected operating system files (Recommended)
- If necessary check Display content of system folders
- If necessary Uncheck Hide file extensions for known file types.
- Click OK
- Make sure that you keep your antivirus updated
New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
- Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.
Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.
- Update Non-Microsoft Programs
Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.
I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis
As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit HERE.
- WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.
- Malwarebytes' Anti-Malware or SuperAntiSpyware
These are anti-malware applications that can thoroughly remove even the most advanced malware. They include a number of features, including a built in protection monitor that blocks malicious processes before they even start.
You can download Malwarebytes' Anti-Malware from HERE. You can find a tutorial HERE.
You can download SuperAntiSpyware from HERE.
- Hosts File
For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is HERE and for more information regarding host files read HERE.
Be sure to disable the service "DNS Client" FIRST to allow the use of large HOSTS files without slowdowns.
If this isn't done first, the next reboot may take a VERY LONG TIME.
This is how to do it. First be sure you are signed in as a user with administrative privileges:
Stop and Disable the DNS Client Service
Go to Start, Run and type Services.msc and click OK.
Under the Extended Tab, Scroll down and find this service.
Right-Click on the DNS Client Service. Choose Properties
Select the General tab. Click on the Stop button.
Click the Arrow-down tab on the right-hand side at the Start-up Type box.
From the drop-down menu, click on Manual
Click the Apply tab, then click OK
- Use an alternative Internet Browser
Many of the exploits are directed to users of Internet Explorer. Try using a different browser instead:
Finally I am trying to make one point very clear. It is absolutely essential
to keep all of your security programs up to date.
Also please read this great article How to prevent Malware
by miekiemoes. I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.