Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

mmkehoe

6 Posts

591

September 19th, 2005 12:00

Win fixer pop ups: Log posted

 am following the posted directions on how to get rid of win fixer CONSTANT pop ups from my comp.  Along with the win fixer popups I am also getting pop ups from a travel company and a random search engine.  Here is my log from the note pad, thanks for your help.
 
Logfile of HijackThis v1.99.1
Scan saved at 8:40:09 AM, on 9/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\197_150_ni_4.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uwm.edu/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ms101.mysearch.com/sa/srchlft.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://www.seekwell.net
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: MSEvents Object - {52B1DFC7-AAFC-4362-B103-868B0683C697} - C:\WINDOWS\system32\vtsqq.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [midimap] C:\WINDOWS\System32\midimap.exe
O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [196_150_ni] C:\WINDOWS\System32\196_150_ni.exe
O4 - HKCU\..\Run: [197_150_ni_4] C:\WINDOWS\System32\197_150_ni_4.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - ms-its:mhtml:file://C:\ss.MHT!http://toolbar.isearch.com/install/00001/chm.chm::/files/initial.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123541692827
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: vtsqq - C:\WINDOWS\system32\vtsqq.dll
O20 - Winlogon Notify: vtsts - C:\WINDOWS\system32\vtsts.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

dobhar

2 Intern

 • 

1.1K Posts

September 19th, 2005 22:00

Hi mmkehoe...

My name is dobhar and I will be looking over your log. Please give me some time to go look it over and I will post back as soon as possible.

If you have any questions please post back as a reply to this Thread\Topic and I will be advised by email so I can return and help you. Do not start another Thread\Topic.

Thank You and Safe Surfing...

mmkehoe

6 Posts

September 19th, 2005 23:00

Thank you so much for helping me out with this.  I'll be keeping an eye out for your helful email.

 

dobhar

2 Intern

 • 

1.1K Posts

September 20th, 2005 06:00

Hi mmkehoe...

Here we go...

I need you to upload a file to a web site called " Jotti's Online Malware scan". I cannot find any decent information for " midimap.exe". Is this a file or program you are aware of if so then skip the Jotti scan. If not continue below...

- First go to http://virusscan.jotti.org/
- Use the buttons at the top of the page to browse to this file(s) on your hard drive to submit for a scan:
C:\WINDOWS\System32\midimap.exe
- Several scanning engines will be used to check the file for any threats.
- Post back the scan results after running the fix below...
_____________________________________________________

Please print out or copy these instructions\tutorials to Notepad as the internet will be unavailble to you at certain points of the removal process. Make sure to work through all the Steps in the exact order in which they are listed below. If there's anything that you don't understand, ask your question(s) before moving on with the fixes.
_____________________________________________________

Step 1.
==========
We need to uninstall some programs (if found in list) using " Add or Remove Programs" in the Control Panel:
- Get into Control Panel.
- Double-click " Add or Remove Programs".
- Look in the Currently installed programs box for each program listed below and if it is there:
- Click on it to select it.
- Click " Change/Remove" (or " Change") button.
- If you are prompted to confirm the removal of the program, click " Yes"

Weatherbug
WildTangent

Step 2.
==========
Please download and install CCleaner from http://www.ccleaner.com/download123.asp
(Note: DO NOT run this program yet)

Step 3.
==========
Please download VundoFix.exe from http://www.atribune.org/downloads/VundoFix.exe to your desktop.
- Double-click VundoFix.exe to extract the files...This will create a VundoFix folder on your desktop.
- After the files are extracted, please reboot your computer into Safe Mode.

Step 4.
==========
- Reboot computer into " Safe Mode" Using the F8 method:
- As soon as the BIOS is loaded begin tapping the F8 key until the Boot Menu appears
- Use the arrow keys to select the Safe Mode menu item
(Note: For additional help in booting into Safe Mode, see the following site - http://www.pchell.com/support/safemode.shtml)

Step 5.
==========
We need to make sure all Hidden Files are showing so please:
* Open " My Computer" then click on " Tools" and from the drop down menu select " Folder Options".
* Select the " View" tab.
* Under the " Hidden files and folders" heading SELECT " Show hidden files and folders".
* UNCHECK the " Hide file extensions for known types option".
* UNCHECK the " Hide protected operating system files (recommended) option".
* Click " Yes" to confirm.
* Click " OK"

Step 6.
==========
- Open the VundoFix folder on your Desktop
- Double-click on KillVundo.bat to run it
- You will first be presented with a warning and a list of forums to seek help at. It should look like this:

VundoFix V2.1 by Atri
By pressing enter you agree that you are using this at your own risk
Please seek assistance at one of the following forums:
http://www.atribune.org/forums
http://www.247fixes.com/forums
http://www.geekstogo.com/forum
http://forums.net-integration.net

- At this point press enter one time.
- Next you will see:

Type in the filepath as instructed by the forum staff
Then Press Enter, Then F6, Then Enter Again to continue with the fix.

-At this point please type the following file path (Note: make sure to enter it exactly as below!):
C:\WINDOWS\system32\vtsqq.dll
- Press Enter, then press the F6 key, then press Enter one more time to continue with the fix.
- Next you will see:

Please type in the second filepath as instructed by the forum staff
Then Press Enter, Then F6, Then Enter again to continue with the fix.

- At this point please type the following file path (Note: make sure to enter it exactly as below!):
C:\WINDOWS\system32\qqstv.*
- Press Enter, then press the F6 key, then press Enter one more time to continue with the fix.
- The fix will run then HijackThis will open...
- Select\check the following entries below, Double-check to make sure that only these entries are checked...

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ms101.mysearch.com/sa/srchlft.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://www.seekwell.net
O2 - BHO: MSEvents Object - {52B1DFC7-AAFC-4362-B103-868B0683C697} - C:\WINDOWS\system32\vtsqq.dll
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [196_150_ni] C:\WINDOWS\System32\196_150_ni.exe
O4 - HKCU\..\Run: [197_150_ni_4] C:\WINDOWS\System32\197_150_ni_4.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - ms-its:mhtml:file://C:\ss.MHT!http://toolbar.isearch.com/install/00001/chm.chm::/files/initial.cab
O20 - Winlogon Notify: vtsqq - C:\WINDOWS\system32\vtsqq.dll
O20 - Winlogon Notify: vtsts - C:\WINDOWS\system32\vtsts.dll

- Click the " Fix checked" button...
- After you have fixed these items, close HijackThis and Press any key to Force a reboot of your computer.
- Pressing any key will cause a " Blue Screen of Death". This is normal, do not worry!
- Once your machine reboots, reboot into " Normal Mode" and continue with the instructions below.

Step 7.
==========
We now need to cleanup all the Temp, Temorary Internet Files, Recycle Bin, etc...
- Start the CCleaner program
- Get into " Options" => Select " Advanced" => Deselect\uncheck " Only delete files in Windows Temp folders older than 48 hours"
- We are only going to work with the "Cleaner" section. (Note: Do not use the "Issues" section)
- click on the Run Cleaner button in the lower right-hand corner
- After complete close program

Step 8.
==========
Delete the following folder(s) and file(s) in BOLD only. (Note: Don't be concern if can't find but advise if not found)
Folder(s)...
C:\Program Files\ AWS <<<= Delete This Folder
C:\Program Files\ WildTangent <<<= Delete This Folder

Files(s)...
C:\WINDOWS\System32\ 196_150_ni.exe <<<= Delete This File
C:\WINDOWS\System32\ 197_150_ni_4.exe <<<= Delete This File
C:\WINDOWS\SYSTEM32\ vtsts.dll <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.bak <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.bak1 <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.bak2 <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.ini <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.ini1 <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.ini2 <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.tmp <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.tmp1 <<<= Delete This File
C:\WINDOWS\SYSTEM32\ ststv.tmp2 <<<= Delete This File

Step 9.
==========
Run Panda's online virus scan from http://www.pandasoftware.com/products/activescan.htm and perform a full system scan.
- Once you are on the Panda site click the " Scan your PC" button
- A new window will open...click the big " Check Now" button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It will take a couple minutes)
- Click on " Local Disks" to start the scan
- Post Panda scan results in your next reply

Step 10.
==========
- Post a fresh new HijackTHis log
- Post the Vundofix.txt log
- Post the Panda ActiveScan results
- Post back Jotti scan results

mmkehoe

6 Posts

September 20th, 2005 11:00

Service load:0%  100%File:MIDIMAP.EXE-15E129A2.pfStatus:
OK
MD52a816eb8a5ec30cbf10a5d16783bc035Packers detected:
-
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VBA32
Found nothing

mmkehoe

6 Posts

September 20th, 2005 11:00

The weathr bug removed successfully; however, the wildtangent would not remove.  So I went in to the actual file everything deleated except the componants and the apps.  <--- those 2 would not remove, a message poped up saying they are not allowed to be removed.  But I don't know what it could be used fpr

mmkehoe

6 Posts

September 20th, 2005 19:00

Ok, earlier today I was following the posted directions you gave me to do while in safe mode of my computer.  Everything was working until I got to step where the hijack was running.  The files that were supposed to be listed were not there, and I could find no way of getting those file name to appear.  So, I tried to start over thinking I had done something wrong.  That did not work either.  Now when I try to start up my computer normally it does not work.  I boots only to my back drop, none of the icons are there, a microsoft tool bar is not there and I cannot do anything besides hit cntrl+alt+ delete and turn off the computer.  I have tried every thing.  Now it does not even function in safe mode like it was before and I don't know what to do.  I am going to try to hit F10 upon start up to restore my computer to before I had this whole problem in the first place and install a virus blocker from my school.  Does all of this sound good to you?

I may not have access to a computer again for a while so if you don't hear from me that is why.

Thanks

 

dobhar

2 Intern

 • 

1.1K Posts

September 22nd, 2005 22:00

So very sorry to hear of your problems... :( I went over the log and my reply with some of my colleuge's and we cannot see why this happened. We have seen where the "Explorer.exe" file gets pooched. If you have not done anything to your computer yet we can try a couple things. I would like to help out if I can.

Take care,

Kent

dobhar

2 Intern

 • 

1.1K Posts

September 23rd, 2005 02:00

Hi mer...

Man, what a relief...I am so very glad you are back up and running... :D

As I mentioned in my last post we have seen it where the "Explorer.exe" file gets pooched. There is a work around that seems to do the job. Anyways I'm glad we did not need to run it.

I'm going to post my standard {All Clean} speech as it has some very good information and some other good tools to help keep your PC "Nasty" free.

Take care and Safe Surfing... :)
______________________________________________

Please follow these simple steps in order to keep your computer clean and secure:
  1. Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point. You can find instructions on how to enable and reenable system restore here:

    Managing Windows Millenium System Restore or Windows XP System Restore Guide

    Renable system restore with instructions from tutorial above

  3. Make your Internet Explorer more secure - This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on theSecurity tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
      1. Change the Download signed ActiveX controls to Prompt
      2. Change the Download unsigned ActiveX controls to Disable
      3. Change the Initialize and script ActiveX controls not marked as safe to Disable
      4. Change the Installation of desktop items to Prompt
      5. Change the Launching programs and files in an IFRAME to Prompt
      6. Change the Navigate sub-frames across different domains to Prompt
      7. When all these settings have been made, click on the OK button.
      8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
    5. Next press the Apply button and then the OK to exit the Internet Properties page.

  5. Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. See this link for a listing of some online & their stand-alone antivirus programs:
    Virus, Spyware, and Malware Protection and Removal Resources

  7. Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

  9. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly. For a tutorial on Firewalls and a listing of some available ones see the link below:
    Understanding and Using Firewalls

  11. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

  13. Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software. A tutorial on installing & using this product can be found here:
    Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

  15. Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot. A tutorial on installing & using this product can be found here:
    Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  17. Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A tutorial on installing & using this product can be found here:
    Using SpywareBlaster to protect your computer from Spyware and Malware

  19. Install IE-SPYAD - IE-SPYAD adds a list of sites and domains associated with advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer. A tutorial on installing & using IE-SPYAD can be found here:
    Using IE-Spyad to enhance your privacy and security

  21. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

mmkehoe

6 Posts

September 23rd, 2005 02:00

Kent:

Some how my boyfriend was able to reset my computer to a previous date.  It is back to normal now.  I also picked up a search and destroy program and it got rid of all the malware on my comp.  I also updated my mcaffe.  thanks for your help.  I think the real problem was that I should NOT have been fooling around with such sensitive computer issues! 

Thanks again

mer

Was this post helpful?

View All

No Events found!

Top