Free Malware Removal Forum

[jonquest]

Here is my DSS DAFT log... looking good! I also noticed when I started up my computer this morning that there were no problems with start up programs and no .dll problems.


DAFT Log saved on 2008-08-02 10:30:33
-----------------------------------------------------------------------
All associations okay!

[mjq424]

Hi
You are looking clean

Please download JavaRa and unzip it to your desktop.

• Double-click on JavaRa.exe to start the program.
• Click on Remove Older Versions to remove the older versions of Java installed on your computer.
• Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
• A logfile will pop up. Please save it to a convenient location.

Then download and install Java Runtime Environment (JRE) 6 Update 7.

Let's clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.

• Double click OTMoveIt2.exe to launch it.
• Click on the CleanUp! button.
• OTMoveIt will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
• You will be prompted to allow the clean up procedure, click Yes
• When finished exit out of OTMoveIt2
• Now delete OTMoveIt2.exe, DSS.exe, JavaRa.exe and javaRa.zip (if still present)

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

1. Create a new, clean System Restore point which you can use in case of future system problems:
   Press Start->All Programs->Accessories->System Tools->System Restore
   Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
   
   Now remove old, infected System Restore points:
   Next click Start->Run and type cleanmgr in the box and press OK
   Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
   Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
   Press OK and Yes to confirm
   
2. Make your Internet Explorer more secure - This can be done by following these simple instructions:
   1. From within Internet Explorer click on the Tools menu and then click on Options.
   2. Click once on the Security tab
   3. Click once on the Internet icon so it becomes highlighted.
   4. Click once on the Custom Level button.
      
      1. Change the Download signed ActiveX controls to Prompt
      2. Change the Download unsigned ActiveX controls to Disable
      3. Change the Initialise and script ActiveX controls not marked as safe to Disable
      4. Change the Installation of desktop items to Prompt
      5. Change the Launching programs and files in an IFRAME to Prompt
      6. Change the Navigate sub-frames across different domains to Prompt
      7. When all these settings have been made, click on the OK button.
      8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
   5. Next press the Apply button and then the OK to exit the Internet Properties page.
3. Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
   
4. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
   
5. Download and Install a HOSTS File
   A HOSTS file is a big list of bad web sites. The list has a specific format, a specific name, (name is just HOSTS with no file extension), and a specific location. Your machine always looks at that file in that location before connecting to a web site to verify the address. So the HOSTS listing can be used to "short circuit" a request to a bad website by giving it the address of your own machine.
   
   Download BlueTack's HOSTS Manager here, using Internet Explorer (Firefox won't work):
   http://www.bluetack.co.uk/forums/index.php?act=dscript&CODE=showdetails&f_id=5
   A short distance down the page in the center, click on the Download button.
   Agree to the license.
   On the next page, to the right side of where it says Download Estimates, right click on the underlined word "Hosts Manager" choose "Save Target As" and download the installer Hosts20setup.exe to your desktop.
   Double click the Installer on your desktop and let it Install the Hosts Manager
   
   After the installation is complete, click on the Hosts Manager icon on your desktop. (You can delete the other Hosts Switch icon from your desktop).
   When the Hosts Manager comes up, click the small down arrows on the Right side of the bar labeled "Options and Tools",
   Click Disable DNS Service. This is important
   In the Left Pane, click Download.
   It will load 70,000 lines or more. When it finishes, also in the left pane, click Replace, and then click Save.
   You can use this manager to handle your HOSTS file download, edits, and most any other HOSTS issue.
   
   If you have a separate third party Firewall or Winpatrol, you may have to give permissions at various times to Unlock the present default HOSTS file and install the new one.
   
6. Install WinPatrol - Download and install Winpatrol by BillP Studios.
   This program can monitor what software start with Windows. You can delay startup for some programs and stop malicious programs from starting up. It can also view some hidden files.
   Download it from here
   
7. Install ThreatFire - Download and install ThreatFire. This program defends against malware by detecting certain malicious behaviours. It is configured "out-of-the-box" and acts as a complement to your Antivirus software. It can be downloaded here:
   PC Tools ThreatFire
   
8. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

[jonquest]

Well, I guess my computer has a clean bill of health now! Thank you soooo much for your help with all this! It is such a weight off of my shoulders to know this is finally taken care of. I appreciate the work you guys go through to help people like us clean up our mistakes. Thank you for the effort, the dillegence and the professionalism in helping get this taken care of. Please also thank your mentor/teacher/whoever it is helping you graduate from Malware Removal University!

Before I sign off... one quick question... I'm just curious, the first thing you had me do is run a Vundofix program that didn't end up getting any results. The Malwarebytes program I ran shortly afterword did get results and removed some Trojan.Vundo infections. Any idea why the Vundo fix missed that? I've been wondering that from the beginning, but didn't want to waste time on it when there was still work to do.

[mjq424]

Hi
There are so many different variants of the Vundo program that it is very hard indeed for tool developers to keep up. It may just be that VundoFix wasn't quite as up-to-date as Malwarebytes' AntiMalware.

I'm glad I could be of assistance.
Happy Safe surfing!

[Shaba]

jonquest this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.