What the Tech logo
Welcome! Register for a free account (or login) > How does it work?
  1. Quickly register. It will only take 60 seconds.
  2. Start a new topic. Ask your question. Wait for an email reply.
  3. Is your system infected? Begin reading the malware removal guide.
 register button
2 Pages V  < 1 2  
 Closed TopicStart new topic
> [Resolved] Pop ups, Pop up blocker doesnt block
JonTom
post Feb 5 2010, 08:09 AM
Post #16


Advanced Member
Group Icon

Group: Senior Class
Posts: 632
Joined: 5-February 09
From: UK
Member No.: 84,008
Operating System: Vista Home Premium, 64-bit, SP2
Hello grave

QUOTE
I have been pop up free and every program that wasn't working is now working.


Thats good news, but the Kaspersky Online Scan has flagged some things that need out attention. We still have more work to do. Please work your way through the following steps:

  1. Clean out your temporary files

    Please download ATF Cleaner by Atribune by clicking here and save the file (called ATF-Cleaner.exe) to your desktop.
    Run the program by double clicking the ATF-Cleaner.exe icon located on your desktop.
    Check the boxes to the left of the following:

    • Windows Temp
    • Current User Temp
    • All Users Temp
    • Temporary Internet Files
    • Java Cache
    • The rest are optional. If you want to remove everything check the "Select All" box.
    • Click on "Empty Selected" to begin cleaning.
    • Once the "Done Cleaning" message appears, click OK.
    • If you use Firefox, Click on the Firefox tab and repeat the above process.
    • When you have finished cleaning, click on the "Exit" button in the main menu.


  2. Combofix Script



    • Open Notepad (Click on "Start", then on "Run" and type "notepad" (without quotations) in the Open field, then click on "OK").
    • NOTE: Do not Use Wordpad or any other text editor except Notepad or the script will fail.
    • Copy and Paste the text in the quotebox below into the open Notepad window:

      QUOTE
      DDS::
      TB: {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - No File
      TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
      TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
      TB: {CD292324-974F-4224-D074-CACA427AA030} - No File

      File::
      C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Desktop.htt
      C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KPE3CTMV\default[1].htm

    • Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
    • Close any open browsers.
    • Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Refering to the picture below, drag CFScript.txt into ComboFix.exe



    • When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
    • Once the log is produced, re-engage your resident anti virus.


  3. Kaspersky Online Scan:


    • After you have ran the Combofix script, I would like you to run another online scan to make sure that your machine is clean.
    • I appreciate that the scan takes a long time to run, but it is one of the best ways of determining if anything else needs our attention, and better safe then sorry!


    In your next reply, please provide the Combofix log and the new Kaspersky Online Scan log.
Go to the top of the page
 
+Quote Post
grave
post Feb 5 2010, 04:38 PM
Post #17


Authentic Member
**

Group: Authentic Member
Posts: 43
Joined: 21-August 07
Member No.: 72,314
Operating System: windows xp
Here is the Kaspersky report
Attached File(s)
Attached File  kscan2.txt ( 3.05K ) Number of downloads: 10
 
Go to the top of the page
 
+Quote Post
JonTom
post Feb 6 2010, 06:12 AM
Post #18


Advanced Member
Group Icon

Group: Senior Class
Posts: 632
Joined: 5-February 09
From: UK
Member No.: 84,008
Operating System: Vista Home Premium, 64-bit, SP2
Hello grave

You logs appear to be clean! Good work.

However, we still need to re-enable the drivers that we disabled during the fix, remove the infected items we quarantined with Combofix and flush the infected system restore points from your system. Please work your way through the steps below in the order that they appear:


  1. Re-enable your drivers


    • To re-enable your Emulation drivers, double click on DeFogger to run the tool.

    • The application window will appear.
    • Click the Re-enable button to re-enable your CD Emulation drivers.
    • Click Yes to continue
    • A 'Finished!' message will appear.
    • Click OK
    • DeFogger will now ask to reboot the machine - click OK

    IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.
    Your Emulation drivers are now re-enabled.

  2. Tool deletions


    • You no longer need DDS, GMER, Rooter or DeFogger. Please delete all of these from your machine.


  3. Please Uninstall Combofix

    • Click on "Start" and then on "Run".
    • Now type Combofix /u in the run box and click "OK". Please note the space between the "x" and the "/u", it needs to be there.






    When shown the disclaimer, select "2"

    • The above procedure will:
    • Delete the following:
      • ComboFix and its associated files and folders.
      • VundoFix backups, if present
      • The C:\Deckard folder, if present
      • The C:_OtMoveIt folder, if present
    • Reset the clock settings.
    • Hide file extensions, if required.
    • Hide System/Hidden files, if required.
    • Reset System Restore.


  4. Your Adobe is out of date


    • You can obtain the latest version of Adobe Reader from here, and the latest version of Flash Player from here.
    • For more information and links to Adobe updates and downloads click here.



    Once you have completed the above steps you should be good to go! If you have any further questions, please feel free to ask.

  5. Finally, please take the time to read through the information provided below:

    Enhance your System Security

    • For an excellent list of free anti virus software, free online virus scanners, free spyware detection/removal and free firewalls, click here.


    • IMPORTANT! Do not run more than ONE firewall and ONE real-time antivirus on your system at any one time. When using "on demand" scanners, first update the detection signature files, then disconnect from the internet and disable your resident security program before running the scan.
    • Once complete, remember to re-engage your resident security before going online.


    Web Browsers and Browser Security

    Firefox
    • Firefox is generally considered to have greater browsing security in comparison to other popular programs. You can download Firefox 3.0 from here.


    No-Script
    • If you use Firefox as your default browser, No-Script can provide additional security by preventing malicious scripts from being executed on your system.
    • You can download No-Script by clicking here.


    Internet Explorer
    • The newest version of Internet Explorer is available from here.


    SpywareBlaster
    • If you use Internet Explorer as your default browser, SpywareBlaster would be a valuable addition to your online security.
    • SpywareBlaster prevents malicious ActiveX objects from being downloaded onto your system.
    • You can download SpywareBlaster by clicking here.


    Web of Trust
    • When using search engines, Web of Trust provides you with an easy way of telling the good sites from the bad and is compatible with both Firefox and Internet Explorer.
    • Coloured symbols are displayed next to search results, giving you more confidence in the links you choose to click on: Green (To go), Yellow (Caution) and Red (Stop).
    • You can download Web of Trust by clicking here.


    Keep your Software Updated
    • Outdated software can sometimes have vulnerabilities that are exploitable by malware.
    • Check if there are available updates for your installed software with Secunia's Online Software Inspector by clicking here.


    Passwords
    • Learn how to create strong passwords by clicking here and test the strength of the passwords you already use by clicking here.


    General Reading


    Learn How To Combat Malware
    • Would you like to learn how to fight back against malware and help others? Enroll at the What The Tech (Formerly Tom Coyotes) Malware Classroom by clicking here.
Go to the top of the page
 
+Quote Post
grave
post Feb 6 2010, 07:58 AM
Post #19


Authentic Member
**

Group: Authentic Member
Posts: 43
Joined: 21-August 07
Member No.: 72,314
Operating System: windows xp
I am having a problem with uninstalling Combofix, the disclaimer doesn't show, it just runs the program.
Go to the top of the page
 
+Quote Post
JonTom
post Feb 6 2010, 11:44 AM
Post #20


Advanced Member
Group Icon

Group: Senior Class
Posts: 632
Joined: 5-February 09
From: UK
Member No.: 84,008
Operating System: Vista Home Premium, 64-bit, SP2
Hello grave

QUOTE
I am having a problem with uninstalling Combofix, the disclaimer doesn't show, it just runs the program.


My fault entirely. Please try this instead:


  1. Please Uninstall Combofix

    • Click on "Start" and then on "Run".
    • Now type combofix /uninstall in the run box and click "OK". Please note the space between the "x" and the "/Uninstall", it needs to be there.


    Please let me know how you get on.
Go to the top of the page
 
+Quote Post
grave
post Feb 7 2010, 12:10 AM
Post #21


Authentic Member
**

Group: Authentic Member
Posts: 43
Joined: 21-August 07
Member No.: 72,314
Operating System: windows xp
It work just fine. Thank you very much I greatly appreciate you helping me out!
Go to the top of the page
 
+Quote Post
JonTom
post Feb 7 2010, 03:44 PM
Post #22


Advanced Member
Group Icon

Group: Senior Class
Posts: 632
Joined: 5-February 09
From: UK
Member No.: 84,008
Operating System: Vista Home Premium, 64-bit, SP2
Hello grave

QUOTE
Thank you very much I greatly appreciate you helping me out!


You are Very Welcome.

Best Wishes,

JonTom.
Go to the top of the page
 
+Quote Post
oldman960
post Feb 9 2010, 08:23 PM
Post #23


SuperHelper
Group Icon

Group: Classroom Teacher
Posts: 5,735
Joined: 27-April 08
Member No.: 78,707
Operating System: win98se, XP pro
Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Go to the top of the page
 
+Quote Post
« Next Oldest · Infections Removal · Next Newest »
 

2 Pages V  < 1 2
Closed TopicStart new topic

 
RSS Time is now: 18th March 2010 - 01:22 PM
Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy
Powered By IP.Board © 2010  IPS, Inc.