Help Getting Started - having issues

[Elise]

Hi again, most of the items were already in quarantine, so nothing to worry about.

ALL CLEAN

--------------

Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean

Please do the following to remove the remaining programs from your PC:

• Delete the tools used during the disinfection:
  • Click start > run and type combofix /uninstall, press enter. This will remove Combofix from your computer.
    
  • Rerun OTL and click the Cleanup button. Allow a reboot. This will remove all logs and tools.
    

Please read these advices, in order to prevent reinfecting your PC:

1. Install and update the following programs regularly:
   • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
     A comprehensive tutorial and a list of possible firewalls can be found here.
     
   • an AntiVirus Software
     It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
     
   • an Anti-Spyware program
     Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
     SUPERAntiSpyware is another good scanner with high detection and removal rates.
     Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
     
   • Spyware Blaster
     A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
     

[*]Keep Windows (and your other Microsoft software) up to date!

I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

[*]Keep your other software up to date as well

Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.

[*]Stay up to date!

The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.

Some more links you might find of interest:

• Miekies' prevention suggestions
  
• So How did I get infected?
  
• Microsoft - 'Security at home'
  
• Calendar of Updates: See which updates have been released.
  
• How to backup your Data with Cobian Backup:because you never know, when your harddisk might fail :wink:
  
• Commonly Used Freeware Replacements: a nice list of freeware programs in all categories, that are regarded as useful by the users of this forum.
  
• osalt: Find (free) open source alternatives to known commercial software.

Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.

[dmb8886]

Hi Elise, thanks for everything. I have a handful of last questions for you.

1) Should I re-anable De-Fogger?

2) Should I un-install ERUNT?

3) While my computer runs MUCH quicker and better, or even at all lol. I feel its still bogged down somewhat. When I do CTRL+ALT+DELETE there are so many processes running at once, I feel there are some unnecessary things going on. I uploaded a 2 screen grab images showing all of the running processes. Do these look normal, can some be rid of? A while back I got rid of a bunch of startup but there are still so many processes.

4) This started happening a long time ago, but some of the files in my folder window, show up blue instead of the normal black font. Do you know why this is? Wasn't sure if it was part of a virus or something. I can take a screengrab if need be.

5) Just want to confirm that I'm totally safe to start using everything on my computer the normal way. I want to use Outlook again for my mail, want to start paying with my credit card on websites, want to connect to a really important shared file server. The file server especially it would be really bad if something bad got on there as I run a home business off of it.

6) I've used Spybot S&D, I feel this bogs my system down adn always asks about file/registry change and I never know what answer I should give. Should I get rid of this program, or do you think I need it in addition to what you've mentioned?

7) I've had McAfee, but I got this virus while using it (though probably from visiting some sites I shouldn't have clicked on). I'm willing to get rid of it for MBAM, from your post you seem to think that could be a good idea. Just want to confirm?

8) I think what you guys do here on this forum is incredible. Its charity work, and its really special that you take your time to do this. I would like to make a small donation in your name or at least just your honor. Is there a charity of choice you prefer? I can't say enough about what you and others do on this site to help people.

[dmb8886]

oops, forgot the screengrab attachments relating to number 5 above, here they are

[Elise]

Hi again,

1) Yes, you can rerun Defogger to re-enable CD emulators.

2) No need to uninstall Erunt, it is always good to have a registry backup at hand. If you really don't like it, you can get rid of it of course.

3) You can run Startup Lite to disable some unnecessary startup items. Everything in the taskmanager is legit.

4) Blue files/folders indicate that they are compressed. This is normal on Windows.

5) Everything should be safe now to use.

6) If you like it you can keep it, but in your case, I'd just uninstall it.

7) MBAM is not an antivirus. You can have it running, but you still need an antivirus. If you consider switching to another AV, you can for example try Avira, Avast or Microsoft Security Essentials.

8) If you wish to make a donation, you can do that to a (local) charity of your own choice. And we're glad to be of help.

[dmb8886]

Thanks again! Sorry, one last question, is there ever a need to run a full MBAM scan?

[Elise]

Usually a Quick scan is enough. A full scan scans area's that are not used by active malware. I usually include it once in a malware cleanup, to ensure possible leftovers are gone as well.

If you have no other questions, I will request this topic to be closed.

[dmb8886]

Hi Elise, sorry to drag this on since we're basically done. But I don't know why, I don't think I have so much stuff on this computer. But downloaded Avira and ran it yesterday. It takes SOOO long to scan, I forget how long, but it basically makes my computer unusable during it and even got a windows virtual memory warning while doing so. It said it scanned over 1,000,000 objects during the scan. I feel like some virus or something I got must have created a ton of files, is that possible? There's no reason I should have so many files on my computer, do you have any advice there?

When the scan finished I clicked on the report button and the report was too big to export to a .txt document so I couldn't even do it. Which then makes it a big hassle to have to run the virus scan every so often. Any ideas?

[Elise]

Your computer has only 512 MB of RAM, which is why your computer slows down so much during the scan. Every scanner will do this. For XP to run smoothly, it is recommended to have 1 GB of RAM installed (it will run okay with 512, but you can't run too many apps at once and any scan will need some resources).

When Avira finished, did it report any detections in the Report Window (you can find this also under Avira's statistics/logs, which can be accessed from within the program).

[dmb8886]

Hi Elise, any solution to the number of files?

Avira didn't find any issues with my computer. My issue though was more that it seems to me that over 1 million objects on my computer is insane. Is there anything I can do about this? There's no way at least half or 75% of those files are useful to me I'd think.

[Elise]

I'm not sure if Avira counts files or objects. Objects can also be registry keys for example, which would explain why there were so many.

You don't appear to have a huge amount of files, but you sure can free up some space by uninstalling unnecessary programs.