Maurice Naggar

<LOL> <OMG> That is a prompt for the DDS report utility. Click on Start and let it run !!! It will produce 2 reports on your DESKTOP (where the DDS should have been saved....when I 1st asked you). Copy and Paste all the contents of DDS.txt also Attach.txt

The MVP Hosts file adds a layer of protection, whether or not you have McAfee. The steps for it are fairly simple: Get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm Steps to follow for the MVP Hosts file: 1) Download and SAVE the zip file to a temporary folder 2) Unzip (extract the contents) in the same folder 3) Temporarily disable your antivirus program. Some antivirus apps will block changes to the Hosts file; so turn it off. 4) After extract is complete, run mvps.bat batch file. This copies your pre-existing Hosts file to Hosts.mvp in the folder where Windows' Hosts resides typically, C:\WINDOWS\system32\drivers\etc and after that copy is saved, it replaces the old Hosts with the new one. And you should see (in the blue background command window) the following: Find the folder where you saved the original download. Delete hosts.zip and a file folder there named hosts The latter is the same folder that had mvps.bat 5) Re-enable your antivirus app. The MVP Hosts file is updated from time to time. See http://msmvps.com/blogs/hostsnews for information. And you can also sign-up for email notice when Mike publishes updates. I wish you well. Cheers.

Thread re-opened per request.

Already being helped at MajorGeeks, same system and issue... Thread Closed.

Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!

Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!

Write down the complete message and then post it back here.

You may Delete all those.

Screenshot not needed. Which web-sites do you visit? The technical name escapes me just now, for what you are seeing. Those are embedded links to "descriptions" or external data related (maybe) to the word under your mouse. So, move or position your mouse pointer to a neutral position {like some corner) so it is not hovering over any words. The last MBAM scan shows yet another "trojan". Do this next online scan You will want to print out or copy these instructions to Notepad for offline reference! Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs Do NOT turn off the firewall Close all open browsers at this point. Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator. Using Internet Explorer browser only, go to ESET Online Scanner website: http://www.eset.com/onlinescan/ Accept the Terms of Use and press Start button; Approve the install of the required ActiveX Control, then follow on-screen instructions; Enable (check) the Remove found threats option, and run the scan. After the scan completes, the Details tab in the Results window will display what was found and removed. A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt. Look at contents of this file using Notepad. The Frequently Asked Questions for ESET Online Scanner can be viewed here http://go.eset.com/us/online-scanner/faq It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner. (And the prompt re-enabling when finished.) If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support. Do not use the system while the scan is running. Once the full scan is underway, go take a long break Re-enable the antivirus program. Reply with copy of the Eset scan log

What browser do you have set as default? Which browser do you typically use? Why don't you have the option on where to save? Maybe you responded with some click in the past for it to NOT ask you in future. This FSS report is good. For the HP updates you must seek help on the HP support forums. I cannot help you on that, plus that is not malware related. HOW is your system now ? Is your original problem old-history? (gone?)

We can wrap this up now. I see that you are clear of your original issues. If you have a problem with these steps, or something does not quite work here, do let me know. The following few steps will remove tools we used. Advise me after you have completed the cleanups. We have to remove Combofix and all its associated folders. By whichever name you named it, ( you had named it ComboFix ), put that name in the RUN box stated just below. The "/uninstall" in the Run line below is to start Combofix for it's cleanup & removal function. Note the space before the slash mark. The utility must be removed to prevent any un-intentional or accidental usage, PLUS, to free up much space on your hard disk. Highlight the line in this CODEBOX. Select & Copy the entire line within this codebox (so that it is in Windows clipboard memory) c:\users\Ann\Desktop\ComboFix.exe /uninstall Start >> type in cmd >> press the Ctrl+Shift+Enter keyboard combination and cmd.exe will be launched as if you selected Run as Administrator. You will then see a User Account Control prompt asking if you would like to allow the Command Prompt to be able to make changes on your computer. Click on the Yes button and you will now be at the Elevated Command Prompt. Do a Right click within the command prompt window and select Paste. This must show the line from Codebox above. Then tap Enter IF in the case Combofix un-install has an issue, skip that step. NEXT Download OTC to your desktop and run it Click Yes to beginning the Cleanup process and remove these components, including this application. You will be asked to reboot the machine to finish the Cleanup process. Choose Yes. ERUNT you should keep and use periodically to backup Windows registry. Delete the following if still present: Adwcleaner.exe Roguekiller.exe TDSSKILLER.exe SecurityCheck.exe FSS.exe CFscript.txt MGADiag Download TFC by OldTimer to your desktop Please double-click TFC.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator). It will close all programs when run, so make sure you have saved all your work before you begin. Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion. IF prompted to Reboot, reply "Yes". Safer practices & malware prevention Have a hardware router between the incoming internet-modem and your computer. Use a Standard user account rather than an administrator-rights account when "surfing" the web. Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on. Check in at Windows Update and install any Important Updates offered. Make certain that Automatic Updates is enabled. How to configure and use Automatic Updates in Windows http://support.microsoft.com/kb/306525 Check on other update issues as well, visit Secunia Online Software Inspector (OSI) See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector Download, install, and keep updated Spyware Blaster (free): http://www.javacoolsoftware.com/spywareblaster.html (all Protections should be enabled at all times) Tutorial for Spywareblaster: Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware I'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm See the FAQ page http://mvps.org/winhelp2002/hostsfaq.htm That would help to keep your browser away from known spyware/malware sites. Make regular backups of your system to removable media: DVD, USB external hard drive, etc. Having a total image backup of your system stored on DVD/CD is highly important. Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if another disaster hits. Examples of image backup software: Acronis True Image, or the free (for personal use) Macrium Reflect http://www.macrium.com/reflectfree.asp or Paragon Backup & Recovery http://www.paragon-software.com/home/br-free/download.html Consider using Web of Trust WOT add-on for your browser(s) http://www.mywot.com/en/download http://www.mywot.com/en/faq/add-on On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done: ESET Online Scanner BitDefender Quickscan Trend Micro Housecall F-Secure Online Scanner Microsoft Safety Scanner Panda ActiveScan See Six tips to help you stay safer online Never, ever download free games, free tools, videos, mutli-media files or anything free unless you can be absolutely sure the source is safe ! Let me know when you have completed the cleanup steps.

No need to re-run the SUR tool. You had several successful updates today from Windows Updates. Congratulations. Any "slow issues" are not necessarily due to malware. They are most likely from other causes. Here are some recommended articles: MS Speed up your pc - Win7 / Vista http://windows.microsoft.com/en-US/windows/explore/speed-up-your-pc What to do if your Computer is running slowly http://www.malwareremoval.com/tutorials/runningslowly.php See Quietman7's Slow Computer/browser? Check Here First http://www.bleepingcomputer.com/forums/topic87058.html See Miekiemoes' Help! My computer is slow! http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html Slow Computer/Browser: Check here first! http://www.bleepingcomputer.com/forums/topic44694.html

You must include ALL including the double quotes !!! You mean Windows Updates ?? 1st of all having an Antivirus program is a must, as is keep it up-to-date, plus practicing safe computer use. As well, regular scans with MBAM are highly helpful. Download >> Farbar's Service Scanner utility << and Save to your Desktop. If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Admisnitrator. If using XP, double-click to start. Answer Yes to ok when prompted. If your firewall then puts out a prompt, again, allow it to run. Once FSS is on-screen: Keep the checkmark on Internet Services. Checkmark Windows firewall Checkmark Security Center. Click on "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Copy & Paste FSS.txt with your reply.

Be very sure that you downloaded AND "saved" inherit.exe on the DESKTOP !!!! and you copied and pasted the whole line verbatim {meaning, from beginning to end}

Which "update manager" are you referring to ? (With much thanks to Tetonbob at TSF, whose methods & verbiage I'm using here). Download This tool save it directly to your desktop - not a folder on the desktop - the commands are tailored for the desktop location. Click Start>Run and Copy then Paste ALL the following bolded text into the Run box and click OK: "%userprofile%\desktop\Inherit.exe" "c:\Program Files\Internet Explorer\iexplore.exe" When successfully completed with this, then Logoff and Restart the system fresh ! Step 2 Using Internet Explorer browser (only!) go to http://support.microsoft.com/kb/923737 [ignore any DOES NOT APPLY warning as well as the APPLIES TO section], run the Fix It and then reboot. Tip: For optimal results, enable the Delete personal settings option. Step 3 Save and close any work documents, close any apps that you started. Temporarily turn off (disable) your antivirus program How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs Start your MBAM MalwareBytes' Anti-Malware. Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark. Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark. Next, Click the Update tab. Press the "Check for Updates" button. If prompted for a Restart, do that. When done, click the Scanner tab. Do a Full Scan. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. When all done, Copy & paste the MBAM scan log into a new reply. Tell me, How is the system ? Re-enable your antivirus program.

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!

When you bought this system, were you provided a WIN7 DVD ? Otherwise, do you know if this pc has a factory-restore partition? Please download Listparts64 Run the tool, click Scan and copy & paste contents of the log (Result.txt) it makes.

Are you sure you set the pc's BIOS boot sequence to boot 1st from USB? and then put the USB flash in the drive? and then powered up the pc, fresh?

Topic re-opened, per member request.

IF Combofix has been "running" and it has been more than an hour.....try CTRL+ALT+DEL to stop and reboot the system. run the Microsoft Windows Defender Offline. This is an "offline" tool that you boot the pc with and scan your system for malware. To get started, find a blank CD, DVD, or USB flash drive with at least 250 MB of free space and then download and run the tool—the tool will help you create the removable media. The basic sequence of steps are a) Download and SAVE the tool to a unique folder/location on your pc b) Create the CD/DVD/USB-flash drive with tool c) Set pc to boot from the offline media d) Place media in & restart system e) Run the tool. Have infinite patience & have it scan the entire system. Remove any malware that is found. Download & info link http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline The frequently asked questions for this tool http://windows.microsoft.com/en-US/windows/windows-defender-offline-faq Another How-to article on WDO http://www.sevenforums.com/tutorials/166445-windows-defender-offline.html

As to changing of passwords, ONLY do that for online passwords but using another but clean system. In other words, if you do change passwords, you must do it using a clean system !. As to restoration by using Acronis, you may consider that.... IF you have a full system image from a known good backup. Let me know what you decide. Please stop trying to run any more Combofix. If needed, we could run other tools. BTW Combofix will at the start, try to save a system restore point IF Windows System restore service is available. And on XP systems, it will attempt to install the XP Recovery Console at the beginning. Also that last "note" you mentioned is just general information, and not necessarily something specific to your system. Other notes: IF this system is a notebook system (or laptop) it is a good practice to have it powered directly to a UPS system or to wall-electric power. And as to ZoneAlarm, I personnaly would have disabled ZA & just turned on the Windows firewall service. ZA adds more complications in these situations.

Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!