Unsolved
This post is more than 5 years old
68 Posts
0
6236
Attn:Bugbatter
They keep deleting my post. I think I know what I am doing wrong. I am making negative comments. I will try to watch what I write about.
Hello Bugbatter - Thank you for being brave enough to step up and help a sincere computer dummy. I need to take this slow with the instructions. Installing HiJackThis was the 3rd thing I ever installed and I had to reread the directions several times. The second was the Kaspersky deal and well you know the outcome. I am just not familiar with the computer terminology yet and I am scared and cautious because I know one wrong move can mess it all up at my expense.
"Your log is unreadable as posted, but we can continue with another scanner. When you copy and paste logs here, use the default text editor, not HTML."
Can we start at the beginning. Would you like for me to try it again using the default editor before we use another scanner? I am not in a big rush. Please tell me where to find it. I heard of HTML. Isn't that in email? Can you give me the steps to use the default text editior? Is it only for logs? Should I change it back after?
You mentioned " I would not have installed Norton, but as long as you already have it, we'll leave it alone. thatmay be why your computer is a bit slower. " Is Norton really that bad? My brother didn't like it, I didn't ask his opinion but I remember his computer was really slow . For me, I need to purchase a reliable security service. Cost is not the issue. So next year when my membership is up, what would be a good one? So far I am hearing that Norton isn't really that great. Next year when I reinstall a different security.. will I be in the same boat? Should I just invest in Windows 7? I heard I won't need any security for that.
My daughter is getting a laptop for Christmas. I want to start fresh with her computer. I don't want to mess this up. I would like to keep her computer clean. I don't even want her to download any trials of anything including other applications. I feel that there will always be a unresolved uninstall issue somewhere that will contribute to all of the other misc programs that she may or may not use. I hope this makes sence. I know this is off topic, forgive me but this is really important. Should she install Norton or Kaspersky? I happen to have both cd's..lucky me. Should I go for Trendmicro? I wish I had that back. I probably have traces of all of this on my computer.
So should I start over with the scan?
----------------------------------
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
January 21st, 2010 19:00
It might be good to print this so you can refer to it easily.
http://www.microsoft.com/windowsxp/using/setup/tips/advanced/adminaccount.mspx
Yes, after your printing above is done, you can unplug the printer if you want to. The main thing is that I don't want the driver running when we change its registry entry.
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
January 22nd, 2010 04:00
No blank lines is the same thing as spaces. There is no space skipped at the top of my text, but there is one space skipped at the bottom. Just copy everything between those dotted lines exactly the way it is. Do not copy the dotted lines.
You can log off the Admin account when you are finished adding the reg file to the registry.
sactogal916
68 Posts
0
January 22nd, 2010 07:00
So when I do this I should only be logged in under Administrator. Ok I almost made that mistake. I have to go to work. I will work on this in the late afternoon.
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
January 22nd, 2010 13:00
I can't tell from here if you have Admin privileges in your "regular" profile. Try it as you are and if you get an error telling you that you need to be logged in as Admin to make those changes, then you will know. :emotion-1:
sactogal916
68 Posts
0
January 22nd, 2010 18:00
I did it! I started all over again and logged on as the Admin and created a new restore point. Here is the results. I think my computer is runnning fine except for my mouse which I will order now and the error pop-up (funny- error pop up came on admin desktop too). I think I did it right except the file is named fix by accident, hope that's ok. If not tell me and I will redo the whole thing I will be much faster at it now since it took three tries to complete!!
I feel good and I'm smiling like the Grinch look at all I have accomplished! I did pretty good in computer class today. He said I was sharp. I did show off some of my new computer skills but I owe it all to YOU!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:44:45 PM, on 1/22/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell AIO 810\dlcgmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [dlcgmon.exe] "C:\Program Files\Dell AIO 810\dlcgmon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,RunDLLEntry
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.sbcglobal.net
O15 - Trusted Zone: http://*.sbcglobal.net
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - https://www.tmremote.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\coIEPlg.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\
--
End of file - 5906 bytes
sactogal916
68 Posts
0
January 22nd, 2010 20:00
No, we didn't fix the printer error. I mean, we did a while back but it came back on. This is the RunDLLEntry error. That is also the error that came up on the desktop when I was signed on as Admin. I think we have to do the registry fix before that error comes off.. I think..right? But, I don't know if I can handle that so I was going to try to ask someone to help me. That's what I though we were at. Yes, everything merged.
" I still see the old entry in your log" Can you tell me what does that mean "old entry" and what do you see so I can look for it on the log too?
Am I going to have mouse drama too when I install my new mouse (didn't order yet) because if so, I 'd rather put up with my old one.
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
January 22nd, 2010 20:00
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
January 22nd, 2010 21:00
The old entry....
Run HijackThis and place a checkmark next to the following:
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,RunDLLEntry
Close all other windows and click "Fix Checked". Close HijackThis.
Reboot. Now double-click on that fix.reg again and allow it to merge. You will get a confirmation if it does.
Why don't you just go buy a mouse at Walmart or someplace instead or ordering one? If you get a plain basic mouse with no fancy features you may not even have to install the software -- just plug it into your computer. I have not bothered to install the software for my last 4 mice and they all work just fine.
sactogal916
68 Posts
0
January 22nd, 2010 22:00
Below is a new hijackthis log.
The error message did not come back on???!!!??? : )
I never thought about going out and buying one thanks. I have a Dell so I have to stick with only Dell products..is that still true? I went to the "shop" here in our Dell Community and the cheap easy to use mouse I wanted was not compatable with my computer so I didn't bother looking into it any further at this time. I have to find a mouse that is compatable right? Good. I will save on shipping charges.
OK so how did I do this time around? What's next? Today in computer class, which is my last one until the advanced 2 day class next month, we learned how to use the computer if our mouse was down. Have you ever thought about that?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:39:56 PM, on 1/22/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\Dell AIO 810\dlcgmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [dlcgmon.exe] "C:\Program Files\Dell AIO 810\dlcgmon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,RunDLLEntry
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.sbcglobal.net
O15 - Trusted Zone: http://*.sbcglobal.net
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - https://www.tmremote.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\coIEPlg.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\
--
End of file - 5939 bytes
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
January 23rd, 2010 05:00
I'm not so sure that printer error is fixed. This old entry that you fixed before running the registry file is still there:
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,RunDLLEntry
Your log should be showing this now:
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16"
You may still have to look for someone to make that change manually in the registry.
For most hardware, yes, it's good to stick with Dell, but as far as mice, any that you are comfortable with will work. Dell mice and Microsoft mice are about the same shape if you have the one I'm thinking of. I was never as comfortable with Logitech as with Dell and MS, but that's just my personal preferences. Save the receipt for the one you get, and if it does not work return it to the store (Might be good to ask them first if that would be okay.)
If you have not updated Java yet, please follow these steps to remove older version Java components and update.
Close Add/Remove.
* In Windows Explorer, navigate to C:\Program Files\Java =this folder. Delete any subfolders.
* Do NOT delete C:\Program Files\ JavaVM =this folder, if found!
Delete the downloaded installation file after completing the above procedure and reboot if not prompted to do so.
That's about all we can do as far as your malware cleanup. If the printer problem persists, try posting on the printer forum:
http://en.community.dell.com/forums/3528.aspx
Here is my standard list of simple steps that you can take to reduce the chance of infection in the future.
If you have used Malwarebytes' Anti-Malware as part of your cleaning procedures, keep it updated and use it to scan every so often for malware, or upgrade to the paid version for realtime scanning and auto updating.
The following suggestions are general prevention and are not customized for your computer. You may have already taken some of these steps, and depending on your current security, you may not need to implement all of these:
1. Visit Microsoft Update: Make sure that you have all the Critical Updates recommended for your operating system, Office, and IE. The first defense against infection is a properly patched OS from Microsoft Update at update.microsoft.com. More info HERE. Don't forget to upgrade to Internet Explorer 8.
2. Please use a firewall and realtime anti-virus. Keep the anti-virus software and firewall software up to date.
3.You might consider installing Mozilla / Firefox.
http://www.mozilla.com/en-US/
4. Do not use file sharing. Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities.
5. Before using or purchasing any Spyware/Malware protection/removal program, always check the following Rogue/Suspect Spyware Lists. http://www.spywarewarrior.com/rogue_anti-spyware.htm http://www.malwarebytes.org/database.php
6. If you have not already done so, you might want to install CCleaner and run it in each user's profile: http://www.ccleaner.com/ ** UNcheck the option to install the Yahoo toolbar that is checked by default for the Standard version, or download the toolbar-free versions (Slim or Basic) when given the option for those.
7. Web Of Trust , uses colored alerts to warn about risky websites warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
There is a Web Of Trust version for Firefox as well.
8. You might consider installing SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html
It will:
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
Block spyware/tracking cookies in Internet Explorer and Mozilla Firefox.
Restrict the actions of potentially unwanted sites in Internet Explorer.
Tutorial here:http://www.bleepingcomputer.com/forums/tutorial49.html
Periodically check for updates
9. You might want to install Winpatrol. Winpatrol is heuristic protection program, meaning it looks for patterns in codes that work like malware. It also takes a snapshot of your system's critical resources and alerts you to any changes that may occur without you knowing. You can read more about Winpatrol's features here.
Download a free copy of Winpatrol or use the Plus version for more features.
You can read Winpatrol's FAQ if you run into problems.
10. Here are some helpful articles:
How did I get infected? HERE
I'm not pulling your leg, honest?
by Sandi Hardmeier HERE
Let us know if we have not resolved your problem. Otherwise, you are good to go.
Happy and Safe Surfing!
sactogal916
68 Posts
0
January 24th, 2010 20:00
Hi.
Thank you. I will print this out in case I need this. Are we going to do something with Java, I think you mentioned that woud be our final step with this.
What does Microsoft.Net Framework 1.1 and Microsoft.Net Framework 1.1 Hotfix (kB928366) mean??
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
January 24th, 2010 21:00
We updated your Java in my post above.
http://en.wikipedia.org/wiki/.NET_Framework
The Hotfix was a patch from Microsoft. http://support.microsoft.com/kb/928366
NOTE: The malware issue has been resolved, so this thread is now closed.
Everyone else who is having a similar issue, please begin a New Message at the top of the forum.