38 replies to this topic

[RetiredChief]

I keep getting a message that DDS is a read only file.

[jeffce]

Hi RetiredChief,

I had no idea it was on there, nor have I personally used it. I removed it and a few other things. I cannot figure out which Java JRE I need. I86, x64 online, offline. Throw me a bone, thanks!

JRE7u1 Windows x86 Offline.

Once you get that complete let me know if there are any other problems. Don't worry about DDS right now.

[RetiredChief]

I downloaded and applied Java. Will inform if there are issues. Cheers!

[jeffce]

Hi RetiredChief,

IT APPEARS THAT YOUR LOGS ARE NOW CLEAN SO LETS DO A COUPLE OF THINGS TO WRAP THIS UP!!

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.
----------

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following text into the Run box as shown and click OK.
Combofix /Uninstall
(Note: There is a space between the ..X and the /U that needs to be there.)


----------

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:

1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

• From within Internet Explorer click on the Tools menu and then click on Options.
• Click once on the Security tab
• Click once on the Internet icon so it becomes highlighted.
• Click once on the Custom Level button.
• Change the Download signed ActiveX controls to Prompt
• Change the Download unsigned ActiveX controls to Disable
• Change the Initialize and script ActiveX controls not marked as safe to Disable
• Change the Installation of desktop items to Prompt
• Change the Launching programs and files in an IFRAME to Prompt
• Change the Navigate sub-frames across different domains to Prompt
• When all these settings have been made, click on the OK button.
• If it prompts you as to whether or not you want to save the settings, press the Yes button.
• Next press the Apply button and then the OK to exit the Internet Properties page.

2. Enable Protected Mode in Internet Explorer. This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:

• Open Internet Explorer
• Click on Tools > Internet Options
• Press Security tab
• Select Internet zone then place check next to Enable Protected Mode if not already done
• Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
• Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.

3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

4. Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here. **There are firewalls listed in this tutorial that could be downloaded and used but I would personally only recommend using one of the following two below:
Online Armor Free
Agnitum Outpost Firewall Free

5. Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

6. Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

7. WOT (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

8.Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place?

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.

[RetiredChief]

Jeff, I'll do these steps as soon as I get home today. I have Malwarebytes, Microsoft Security Essentials and Comodo Firewall on my computer. Will these perform the protection that I need? My only problem with setting stuff up is not understanding what each selection does or what will happen if I do not select or check a box. Also, do you have any info on how I make my wireless internet connection secure? I do not understand what the computer is asking me or what I need to type and where. Thanks for all the help! Chief

[jeffce]

Hi R/C,

I have Malwarebytes, Microsoft Security Essentials and Comodo Firewall on my computer. Will these perform the protection that I need?

Ok...Malwarebytes is a great antimalware program that I have on all of my computers. Microsoft Security Essentials is the same antivirus program that I personally use. It is really light on resources and does a fine job. Comodo Firewall I used to use but I do not any longer. Personally, I just use the standard Windows Firewall. Some people go with the train of thought that you need a "better" firewall, but I am using a wireless router (like you are) and that is in essence a hardware firewall...meaning someone has to be able to break through your router password to even get to your computer at all. In my opinion, since you are using a wireless router, I would just use the Windows firewall.

My only problem with setting stuff up is not understanding what each selection does or what will happen if I do not select or check a box.

I do not understand what the computer is asking me or what I need to type and where.

I am not quite sure what you mean by this? Could you elaborate please?

Also, do you have any info on how I make my wireless internet connection secure?

If you are using a wireless router be sure to have it encrypted using WPA or WPA2 settings. WPA stands for Wi-Fi Protected Access. Go here and there is a pretty good tutorial that can help you set up your security the way that you prefer.

[RetiredChief]

Jeff, I read the link on setting up the wireless network and it appears to be something I can muddle through. To explain my lack of computer savvy for instance: I was asked to enter a "Network Key" (don't remember what I was doing) and I didn't know what one was or where to find it. I also didn't have a clue what WEP etc. was and after trying to use the help functions and searching It go too frustrating so I just stopped. Again, I think your link is going to help and I'll post my results. My boys are probably going to be a little peeved because they play X-Box, WII and PS3 online and this will probably cause isses. Chief

[jeffce]

Everything going alright R/C? If so I will close this log out.

[jeffce]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.