Sign In
Register
Help
All icons from the Desktop are gone - disappeared, but if I go to the Desktop folder, they are there, they are just not displayed on the Desktop itself.
Along with the Desktop the Menu line disappeared as well, so the only way I start the programs is through the Task Manager. I tried system restore point, at that time it worked OK, all was back, but if I reset computer or restart all is abnormal again.
Sometimes computer resets itself, sometimes kind of blue screen appears and says errors, computer seems slower.
Iolo anti virus didn't find infection, I guess malware bypassed it. I installed 2 other cleaners, they both found a few things, ParetoLogic antivirus blocked something at startup, but my Desktop is still gone, along with the Menu line.
I probably got infected while hunting 'unappropriate web sites', i reported many of them to the authorities, but one of the web sites infected me. Please help!
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 3
[32_bits] - x86 Family 6 Model 15 Stepping 6, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
.
Internet Explorer 7.0.5730.11
.
C:\ [Fixed-NTFS] .. ( Total:298 Go - Free:230 Go )
E:\ [CD_Rom]
F:\ [Removable]
G:\ [Removable]
H:\ [Removable]
I:\ [Removable]
J:\ [Removable]
.
Scan : 08:24.29
Path : C:\Documents and Settings\Pingvin\Desktop\Rooter.exe
User : Pingvin ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (756)
______ \??\C:\WINDOWS\system32\csrss.exe (864)
______ \??\C:\WINDOWS\system32\winlogon.exe (888)
______ C:\WINDOWS\system32\services.exe (936)
______ C:\WINDOWS\system32\lsass.exe (948)
______ C:\WINDOWS\system32\svchost.exe (1120)
______ C:\WINDOWS\system32\svchost.exe (1188)
______ C:\WINDOWS\System32\svchost.exe (1304)
______ C:\WINDOWS\system32\svchost.exe (1352)
______ C:\WINDOWS\system32\svchost.exe (1508)
______ C:\WINDOWS\system32\svchost.exe (1580)
______ C:\WINDOWS\system32\spoolsv.exe (1672)
______ C:\Program Files\Google\Update\GoogleUpdate.exe (1968)
______ C:\WINDOWS\system32\svchost.exe (1272)
______ C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe (1408)
______ C:\Program Files\iolo\common\lib\ioloServiceManager.exe (1696)
______ C:\Program Files\Java\jre6\bin\jqs.exe (1888)
______ C:\WINDOWS\system32\nvsvc32.exe (1944)
______ C:\Program Files\Reel Logix\The Calendar Planner\pcrem.exe (280)
______ C:\WINDOWS\system32\ctfmon.exe (420)
______ C:\Program Files\Spyware Doctor\pctsAuxs.exe (532)
______ C:\Program Files\Spyware Doctor\pctsSvc.exe (648)
______ C:\WINDOWS\system32\svchost.exe (1548)
______ C:\Program Files\Spyware Doctor\pctsTray.exe (1216)
______ C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe (1228)
______ C:\WINDOWS\System32\alg.exe (2812)
______ C:\Program Files\Spyware Doctor\TFEngine\TFService.exe (2940)
______ C:\Program Files\Mozilla Firefox\firefox.exe (3672)
______ C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.exe (2184)
______ C:\Program Files\Common Files\ParetoLogic\PLAVEngine\ScanningProcess.exe (2972)
______ C:\Program Files\Common Files\ParetoLogic\PLAVEngine\ScanningProcess.exe (2980)
______ C:\Program Files\OpenOffice.org 3\program\swriter.exe (3944)
______ C:\Program Files\OpenOffice.org 3\program\soffice.exe (1496)
______ C:\Program Files\OpenOffice.org 3\program\soffice.bin (1096)
______ C:\WINDOWS\system32\taskmgr.exe (3556)
______ C:\Program Files\Mozilla Thunderbird\thunderbird.exe (3012)
______ C:\Documents and Settings\Pingvin\Desktop\Rooter.exe (2752)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:320062063104)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\Google Software Updater.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-448539723-725345543-1004.job
C:\WINDOWS\Tasks\NSSstub.job
C:\WINDOWS\Tasks\ParetoLogic Anti-Virus PLUS_dbsummary.job
C:\WINDOWS\Tasks\ParetoLogic Registration.job
C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 08:26.03
.
C:\Rooter$\Rooter_1.txt - (30/06/2009 | 08:26.03)
----------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:31:49, on 30.6.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Reel Logix\The Calendar Planner\pcrem.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.exe
C:\Program Files\Common Files\ParetoLogic\PLAVEngine\ScanningProcess.exe
C:\Program Files\Common Files\ParetoLogic\PLAVEngine\ScanningProcess.exe
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\HJT\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.mozilla.org/projects/seamonkey/start/"); (C:\Documents and Settings\PINGVIN\Application Data\Mozilla\Profiles\default\4z7bzsx0.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CSeaMonkey%5Csearchplugins%5Cgoogle.src"); (C:\Documents and Settings\PINGVIN\Application Data\Mozilla\Profiles\default\4z7bzsx0.slt\prefs.js)
O1 - Hosts: ::1 localhost
O1 - Hosts: 94.232.248.66 antivirprotection.com
O1 - Hosts: 94.232.248.66 www.antivirprotection.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ERBHOMasterObject Class - {5A15CA85-DAB9-456c-95ED-06C6E3885C2A} - C:\Program Files\ExitReality\Webspace\System\ExitRealityHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [KONICA MINOLTA magicolor 2400W STD] C:\WINDOWS\system32\MSTMON_S.EXE STARTUP
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [iolo Personal Firewall] "C:\Program Files\iolo\System Mechanic Professional\Personal Firewall\ioloFW.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [ParetoLogic Anti-Virus PLUS] "C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.exe" -NM -hidesplash
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VIP Organizer] "C:\Program Files\VIP Quality Software\VIP Organizer\VIP Organizer.exe"
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm
O8 - Extra context menu item: Visit in &3D using ExitReality - http://3d.exitrealit...mogrifyPage.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {76850F2A-FCAA-454F-82D3-BD46CB186EF5} (IEGCtrl Class) - http://goglobal.miss...ggw-activex.cab
O16 - DPF: {CC4271BF-1582-4FD4-81CD-9AE877B17644} (ESignDoc2 Object) - https://edavki.durs.si/PersonalPortal/[20331]/Controls/ESignDocControls/hslESignDoc2.cab
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Storitev Google Update Service (gupdate1c9a4f81e3d9cae) (gupdate1c9a4f81e3d9cae) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: pcrem service (pcremservice) - Reel Logix, Inc. - C:\Program Files\Reel Logix\The Calendar Planner\pcrem.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
--
End of file - 10262 bytes
Welcome to 247fixes PC Help Forum
 |
Welcome to 247fixes PC Help Forum, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information. Take advantage of it immediately, Register Now or Sign In.
|
| Guest Message © 2010 DevFuse | |
Page 1 of 1
- You cannot start a new topic
-
This topic is locked
[Resolved] Desktop,menu Line Gone, Resets, Blue Screen Errors I can only start programs through Task Manager
MultiQuote
#2
- Visiting Staff
-
- Group: Visiting Staff
- Posts: 148
- Joined: 26-January 08
- Gender:Male
- Location:The Tundra
Posted 30 June 2009 - 08:37 PM
Hi.
I have bad news I'm afraid :(
One or more of the identified infections is a severe Polymorphic File Infector.
This allows hackers to remotely control your computer, steal critical system information and Download and Execute files.
I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Unfortunately no attempt could be made to clean this machine, it could never be considered to be truly clean, secure, or trustworthy. We could not say definitively that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damage it may possibly have caused to vital system files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat. Therefore, your best and only course of action is a reformat and reinstallation of the Windows operating system, and that is the course we strongly recommend.
Please read these for more information:
Virut and other Other File Infectors
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall
Next:
I suggest you to start backup all of your valuable data/documents/pictures/movies/songs/etc..
Do NOT backup any applications/installers and Do NOT backup any .exe/.scr/.htm/.html/.xml/.zip/.rar files...
This is because these files may be infected as well. If you back them up and replace them afterwards, it will infect your computer again.
Should you have any questions, please feel free to ask.
I have bad news I'm afraid :(
One or more of the identified infections is a severe Polymorphic File Infector.
This allows hackers to remotely control your computer, steal critical system information and Download and Execute files.
I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Unfortunately no attempt could be made to clean this machine, it could never be considered to be truly clean, secure, or trustworthy. We could not say definitively that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damage it may possibly have caused to vital system files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat. Therefore, your best and only course of action is a reformat and reinstallation of the Windows operating system, and that is the course we strongly recommend.
Please read these for more information:
Virut and other Other File Infectors
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall
Next:
I suggest you to start backup all of your valuable data/documents/pictures/movies/songs/etc..
Do NOT backup any applications/installers and Do NOT backup any .exe/.scr/.htm/.html/.xml/.zip/.rar files...
This is because these files may be infected as well. If you back them up and replace them afterwards, it will infect your computer again.
Should you have any questions, please feel free to ask.
#4
- Visiting Staff
-
- Group: Visiting Staff
- Posts: 148
- Joined: 26-January 08
- Gender:Male
- Location:The Tundra
Posted 30 June 2009 - 09:29 PM
Hi :)
Aye indeed and I never enjoy such a post as I had to provide for your good self but with this particular infection the only recourse is what I advised I'm afraid.
After you have carried out my advised course of action the below is worth both implementing/reading OK :thumbup:
Reformat and Reinstallation Advice:
Follow this list and your potential for your becoming infected again will reduce dramatically. Any questions feel free to ask OK!
Quote
Sad news. It is interesting that Sirius have the same symptoms, but compleatly different virus. I thank you very much for your support!
After you have carried out my advised course of action the below is worth both implementing/reading OK :thumbup:
Reformat and Reinstallation Advice:
- Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.
Here are some free Anti Virus programs which I recommend to use:
- Antivir PersonalEditionClassic
- Free anti-virus software for Windows.
- Detects and removes more than 50,000 viruses. Free support
- avast! 4 Home Edition
- Anti-virus program for Windows.
- The home edition is freeware for noncommercial users.
- Free anti-virus software for Windows.
- Update your Anti Virus Software - It is imperative that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
- Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.
Here are some free Firewalls which I recommend to use:
(Use only one, and disable your Windows Firewall)
Note: Only ever have installed/use one Anti-Virus application and Software Firewall. Otherwise a system conflict will occur and this also lessens overall online protection!
- Antivir PersonalEditionClassic
- Keep your system updated- Microsoft releases patches for Windows and other products regularly:
- I advise you visit: http://update.micros...t.aspx?ln=en-us
- Install the Active X
- Once installed it will advise set Auto-Updates if not set and you then you will be able to manually check for updates also via:
- Start >> All Programs >> Microsoft Updates
- I advise you visit: http://update.micros...t.aspx?ln=en-us
- Make your Internet Explorer more secure - This can be done by following these simple instructions:
- From within Internet Explorer click on the Tools menu and then click on Options.
- Click once on the Security tab
- Click once on the Internet icon so it becomes highlighted.
- Click once on the Custom Level button.
- Change the Download signed ActiveX controls to Prompt
- Change the Download unsigned ActiveX controls to Disable
- Change the Initialise and script ActiveX controls not marked as safe to Disable
- Change the Installation of desktop items to Prompt
- Change the Launching programs and files in an IFRAME to Prompt
- Change the Navigate sub-frames across different domains to Prompt
- When all these settings have been made, click on the OK button.
- If it prompts you as to whether or not you want to save the settings, press the Yes button.
- Change the Download signed ActiveX controls to Prompt
- Next press the Apply button and then the OK to exit the Internet Properties page.
- From within Internet Explorer click on the Tools menu and then click on Options.
- Malwarebytes' Anti-Malware - Download it from here
The tutorial on how to use MBAM is located here - Install WinPatrol - Download it from here
You can find information about how WinPatrol works here - Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
Download it from here
The tutorial on how to use Spyware Blaster is located here - Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for your becoming infected again will reduce dramatically. Any questions feel free to ask OK!
#5
- Newbie Member
-
- Group: Member+
- Posts: 3
- Joined: 30-June 09
Posted 01 July 2009 - 04:49 AM
Thank you again!
I have one question. If HTML files can be infected, and I have a web page(s), does that mean that the virus/worm can be spread to visitors of my web page (if some html files are infected)? Any idea how do I check them out? Would infection change the html code (I guess so, and therefore it could be easily found out which html page is infected, but everything would have to be done manually, not convenient if you many of them).
Thank you for the advises, it is interesting that I was behind the router with a firewall, I had Iolo Antivirus and firewall installed, I don't remember using Explorer at all, and yet this happens. I am really thinking of switching to Linux.
Good luck to you all!
I have one question. If HTML files can be infected, and I have a web page(s), does that mean that the virus/worm can be spread to visitors of my web page (if some html files are infected)? Any idea how do I check them out? Would infection change the html code (I guess so, and therefore it could be easily found out which html page is infected, but everything would have to be done manually, not convenient if you many of them).
Thank you for the advises, it is interesting that I was behind the router with a firewall, I had Iolo Antivirus and firewall installed, I don't remember using Explorer at all, and yet this happens. I am really thinking of switching to Linux.
Good luck to you all!
#6
- Visiting Staff
-
- Group: Visiting Staff
- Posts: 148
- Joined: 26-January 08
- Gender:Male
- Location:The Tundra
Posted 01 July 2009 - 10:35 AM
Hi :)
You're welcome!
There is a good possibility as I have know way of knowing how long your computer was compromised. So a distinct possibility any infected HTML files uploaded to a webpage could be infected. As to how you would check a webpage/website as a whole I honestly do not know I'm afraid as I deal only with Anti-Malware support for personal computers and anything for the most part website related is not a subject I have much experience with.
Best advice I have here is to inquire about this in the Software part of the forum.
Quote
Thank you again!
Quote
I have one question. If HTML files can be infected, and I have a web page(s), does that mean that the virus/worm can be spread to visitors of my web page (if some html files are infected)? Any idea how do I check them out? Would infection change the html code (I guess so, and therefore it could be easily found out which html page is infected, but everything would have to be done manually, not convenient if you many of them).
Best advice I have here is to inquire about this in the Software part of the forum.
#7
- Visiting Staff
-
- Group: Visiting Staff
- Posts: 148
- Joined: 26-January 08
- Gender:Male
- Location:The Tundra
Posted 02 July 2009 - 10:12 AM
This thread is being closed because it has been resolved. If you would like it to be reopened please contact me or another member of the Moderating team.
As always, we'd like to thank you for using 247fixes. Have a great day!
This only applies to the original poster if you're not the original poster please start a new topic in this forum.
As always, we'd like to thank you for using 247fixes. Have a great day!
This only applies to the original poster if you're not the original poster please start a new topic in this forum.
Page 1 of 1
- You cannot start a new topic
-
This topic is locked