Soft Soldier on my computer-no result on malwarebytes

[Blade81]

Hi,

See if fresh ComboFix.txt file exists. If not, run ComboFix with the script again.

[verveine]

ok, again, I'll be back this afternoon / evening.

[verveine]

Hi, I ran ComboFix again and it went fine. See below for the log.

I looked for C:\A through the search function and it contained an assortment of files I created (.odt, audible files etc.) plus some windows data and ThinkVantage files. I didn't actually find a folder A on C, though!

I'll be back with the dds.log and the Kaspersky report shortly.

ComboFix 09-10-28.08 - verveine 30.10.2009 19:14.2.2 - NTFSx86

Microsoft

[verveine]

Hi again, here are the dds.txt and the Kaspersky Log:

DDS (Ver_09-09-29.01) - NTFSx86

Run by verveine at 10:46:35,93 on 31.10.2009

Internet Explorer: 8.0.6001.18828

Microsoft

[Blade81]

Yep, looks pretty good now

THESE STEPS ARE VERY IMPORTANT

Let's reset system restore

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

A To disable the System Restore feature:

1. Click on the Start button.

2. Hover over the Computer option, right click on it and then click Properties.

3. On the left hand side, click Advanced Settings.

4. If asked to permit the action, click on Allow.

5. Click on the System Protection tab.

6. Uncheck any checkboxes listed for your hard drives.

7. Press OK.

B. Reboot.

C Turn ON System Restore.

Follow the steps like you did when disabling system restore but on step 6. check any checkboxes listed for your hard drives.

Now lets uninstall ComboFix:

• Click START then RUN
  
• Now copy-paste Combofix /uninstall in the runbox and click OK
  

Please download OTC and save it to desktop.

• Double-click OTC.exe.
  
• Click the CleanUp! button.
  
• Select Yes when the
  Begin cleanup Process?
  prompt appears.
  
• If you are prompted to Reboot during the cleanup, select Yes.
  
• The tool will delete itself once it finishes, if not delete it by yourself.
  

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

UPDATING WINDOWS AND INTERNET EXPLORER

IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.

If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.

Make your Internet Explorer more secure

This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Options.

Click once on the Security tab

Click once on the Internet icon so it becomes highlighted.

Click once on the Custom Level button.

Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialize and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the Apply button and then the OK to exit the Internet Properties page.

The following are recommended third party programs that are designed to keep your computer clean. A link as well as a brief description is included with each item.

• hosts file:
  
  • Every version of windows has a hosts file as part of them.
    
  • In a very basic sense, they are used to locate webpages.
    
  • We can customize a hosts file so that it blocks certain webpages.
    
  • However, it can slow down certain computers.
    
  • This is why using a hosts file is optional!!
    

  Download it here. Make sure you read the instructions on how to install the hosts file. There is a good tutorial here

  If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:

  1. 
     
     
  2. Click the start button (at the lower left hand corner of your screen)
     
  3. Click run
     
  4. In the dialog box, type services.msc
     
  5. hit enter, then locate dns client
     
  6. Highlight it, then double-click it.
     
  7. On the dropdown box, change the setting from automatic to manual.
     
  8. Click ok
     

Just a final reminder for you. I am trying to stress these two points.

UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.

Make sure all of your security programs are up to date.

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Once again, please post and tell me how things are going with your system... problems etc.

Have a great day,

Blade

[verveine]

Hi,

I

• reset system restore
  
• uninstalled ComboFix
  
• used OTC
  
• and updated windows.
  

Can I just uninstall IE since I use Firefox anyway?

I'll probably use the hosts file but I'll leave that for a day when I'm more alert

System seems to run fine, my only problem is updating Avira Antivir which takes ages!!! Any idea what could be wrong?

Also, is the Windows Defender a sufficient to keep my notebook save (combined with AntiVir and ZoneAlarm Firewall)?

Thanks again for all your help, I am so grateful!

have a nice weekend,

best wishes,

verveine

[Blade81]

Can I just uninstall IE since I use Firefox anyway?

I wouldn't do that myself. Some programs use IE components, so it's not just for web browsing there.

System seems to run fine, my only problem is updating Avira Antivir which takes ages!!! Any idea what could be wrong?

I've seen that happen sometimes too.

Also, is the Windows Defender a sufficient to keep my notebook save (combined with AntiVir and ZoneAlarm Firewall)?

I recommend to have MBAM there too.

[verveine]

Hi,

sorry I took so long to reply, too much work!

Ok, so I'll leave IE on my computer. Problem is, I can't access any website with it and I seem to be too stupid to update it (if neccessary) How do I do this?

Antivir: Is this an Antivir problem or does this occur because of some mistake on my notebook?

MBAM: So you think I should buy MBAM to have real time protection? I contemplated buying a solution for all malware, virus, spyware etc. issues, such as PCcillin or Kaspersky or Norton. Would you reccomend that?

Thanks again for all your help with my computer problems! You were great!

verveine

[Blade81]

Ok, so I'll leave IE on my computer. Problem is, I can't access any website with it and I seem to be too stupid to update it (if neccessary) How do I do this?

Have you given IE permission to access internet in Zonealarm?

Antivir: Is this an Antivir problem or does this occur because of some mistake on my notebook?

If same problem occurs all the time then it sounds like updater is blocked. Verify that Antivir is allowed in Zonealarm.

MBAM: So you think I should buy MBAM to have real time protection? I contemplated buying a solution for all malware, virus, spyware etc. issues, such as PCcillin or Kaspersky or Norton. Would you reccomend that?

MBAM is very good antispyware tool and license cost to get real-time protection is pretty low compared to many others. If you want commercial antivirus protection then I'd recommend Kaspersky of those three. Of free options your current choice (Antivir) is good one too.

[AdvancedSetup]

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.