I am glad to hear that you already deleted that file. Go ahead and delete the haxfix
from your desktop too, if you haven't done it already. Empty your Recycle Bin.
I can't save Kaspsky log since no malware was found.
I guess we can say that your system is clean now.
Here are the last instructions and some tips to keep it that way.
Ewido is a very good tool, excellent against trojans and worms. You may leave it installed and use it's scanner feature. You won't be able to use the realtime protection if the trial is expired but you'll be able to clean up and install the manual updates. If you wish, you may remove it through Add/Remove programs in your Control Panel
Disable and Enable System Restore
If you are using Windows ME or XP then you should disable and re-enable system restore
to make sure there are no infected files found in a restore point. Because Windows regularly sets restorepoints, it's very possible that the malware, you have removed, is still present in the System Restore. If you put Windows back to such a restorepoint, this malware will be put back, as well.
This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected.) Please do this ONLY ONCE
, not on a regular basis.
1. Right-click My Computer
, and then click Properties
2. On the System Restore tab, put a check mark in the 'Turn Off System Restore
' check box.
3. Click OK
, and then click Yes
4. Restart the computer.
5. Repeat steps 1 - 2, this time clearing the box beside 'Turn Off System Restore
', click 'OK
You can also find instructions on how to disable and re enable system restore here:
Windows XP System Restore Guide
And that's all. But to help protect you against further infections, and also to help prevent criminals using your computer to infect other people's computers on the web, I recommend the following:
(You may already have some of the items)
Make your Internet Explorer more secure
- This can be done by following these simple instructions:
From within Internet Explorer click on the Tools
menu and then click on Options
Click once on the Security
Click once on the Internet
icon so it becomes highlighted.
Click once on the Custom Level
Change the Download signed ActiveX controls
Change the Download unsigned ActiveX controls
Change the Initialise and script ActiveX controls not marked as safe
Change the Installation of desktop items
Change the Launching programs and files in an IFRAME
Change the Navigate sub-frames across different domains
When all these settings have been made, click on the OK
If it prompts you as to whether or not you want to save the settings, press the Yes
Next press the Apply
button and then the OK
to exit the Internet Properties page.
Avoid illegal sites, because that's where most malware is present.
* Don't click on links inside popups.
* Don't click on links in spam messages claiming to offer anti-spyware software; because most of these so called removers ARE spyware.
* Download free software only from sites you know and trust. Because a lot of free software can bundle other software, including spyware.
Keep your antivirus-program up-to-date and do regular scans with it
. Please make sure that you have only one active antivirus program on your system.
If you haven't got a antivirus, you can download and install one of the following free ones: Make sure that you have only ONE
antivirus running on your computer as more than one would cause conflict and render the computer vulnerable.
AVG Free here
It is essential to keep the anti-virus program fully updated.
IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site <http://windowsupdate.microsoft.com/> to get the critical updates.
If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site <http://office.microsoft.com/officeupdate/maincatalog.aspx?lc=en-us> and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.
Keep your pestware-scanners up-to-date and do regular scans with them
To keep your computer free of Spyware, Adware, Hijackers etc., download and install the following free pestware-scanners (if you haven't installed them already):
Remember to "immunize" after each update
Windows Defender here
Install realtime pestware-scanners and keep them up-to-date.
The following free realtime pestscanners prevent a number of malware-variants from entering your computer, in the first place:
Remember to "enable all protection" after each update.
If you haven't got one, already, install a firewall and keep it up-to-date
. Please make sure that you have only one active firewall on your system.
A firewall will prevent unauthorized contact between your computer and internet.
If there is no firewall installed on your computer, you can download and install one of the following free firewalls:
Kerio Personal Firewall here
Important: (Windows XP only) If you install a firewall, be sure to turn off the WinXP-firewall!
Test your firewall here
to make sure that it's working properly
Install these programs, to make surfing with Internet Explorer safer
A popup-blocker, f.e. Google Toolbar here
: A popup-blocker prevents popup-windows from opening, when you come along a websites that uses them, during internet-surfing.
: This utility adds a long list of known bad sites to Internet Explorer's Restricted Sites zone. This prevents those sites from executing their malicious programs on your computer.
SiteHound by Firetrust
Firetrust introduces the SiteHound Toolbar - the safe way to browse the Internet. With SiteHound, when you browse the Internet, you're shown a warning page every time you go to a site which is a known scam, potentially loads viruses or spyware on to your computer, has questionable content or anything you would not consider reasonable. You are shown a warning page with information about that site. From there you can choose to enter the site or go back. SiteHound is a free add-on to Internet Explorer.
SiteHound will alert you when you enter a site which is known to contain:
â€¢ Fraudulent claims or scams
â€¢ Offensive material
â€¢ Security vulnerabilities
â€¢ Spyware or Adware
â€¢ Spam related material
â€¢ or other content deemed to be unsafe
Specifically, SiteHound blocks these categories:
â€¢ Adult â€¢ Spyware â€¢ Spam Advertising â€¢ Phishing â€¢ Possible scam or fraud â€¢ Misleading or False Advertising
â€¢ Pharming â€¢ Rogue or Suspect Product â€¢ Adware â€¢ Malware or Virus
Install and use an alternative browser to surf on the internet
Because Internet Explorer is the most-used browser on the planet, most of the hijackers, adware and spyware are made to abuse your computer thru Internet Explorer.
Here are some good alternative browsers:
Mozilla Suite here
Mozilla Firefox here
: You can not uninstall Internet Explorer.
First of all, it's part of Windows and you'll need it to download and install Windows Updates.
Secondly, There are some sites that are only accessable with Internet Explorer, e.g. most of the Online Malware-scanners.
But above all, keep all your software UP-TO-DATE
at all time!!
Also, I would recommend reading the excellent advice by Tony Klein: So how did I get infected in the first place
Happy and safe surfing.
Please take the time to visit Malware Complaints
and register your complaint.
The infection you had was Haxdoor trojan