I think everything should be OK now. We missed some things the first time around but I am confident we got it all this time.
Cleanup
Time to do some cleanup and secure the work you have done.
- Click START then RUN
- Now type Combofix /u in the runbox
- Make sure there's a space between Combofix and /u
- Then hit Enter.
(http://i154.photobucket.com/albums/s258/evilfantasy69/combofixu-1.jpg)
- The above procedure will:
- Delete the following:
- ComboFix and its associated files and folders.
- Reset the clock settings.
- Hide file extensions, if required.
- Hide System/Hidden files, if required.
- Set a new, clean Restore Point.
-
Please download OTMoveIt2 by OldTimer OTMoveIt2.exe (http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe) and place it on your desktop.
1. Double click OTMoveIt2.exe to launch it.
2. Click on the CleanUp! button.
3. OTMoveIt2 will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
4. Click YES at the next prompt (list downloaded, Do you want to begin cleanup process?)
5. Once complete exit out of OTMoveIt2
Here are some great tools to help you keep from getting infected again.
Spybot Search & Destroy (http://fileforum.betanews.com/detail/Spybot_Search_and_Destroy/1043809773/1) - A safe and effective spyware scanner.
* Official Spybot Tutorial (http://www.safer-networking.org/en/tutorial/index.html)
* Spybot FAQ (http://www.safer-networking.org/en/faq/index.html)
AVG Anti-Spyware Free Edition (http://free.grisoft.com/doc/download-free-anti-spyware/us/frt/0) - Very reliable with a high detection rate.
* AVG Anti-Spyware User Manual (http://free.grisoft.com/doc/5390/us/frt/0?prd=asf)
SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) - Secure your Internet Explorer to make it harder for these ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* SpywareBlaster Tutorial (http://www.bleepingcomputer.com/tutorials/tutorial49.html)
Comodo BOClean (http://www.comodo.com/boclean/CBO_download.html) - Stops trojans and many more malicious attacks.
Use a Firewall - It can not be stressed enough how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over.
* Click here (http://www.freebyte.com/antivirus/#freefirewalls) for a list of free firewalls.
UPDATE UPDATE UPDATE!!! - If you do not have automatic updates enabled then visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer.
* Help with Windows updates (http://support.microsoft.com/?scid=ph;en-us;6527)
Learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place? (http://www.castlecops.com/postlite7736-.html)
Let us know if anything else comes up.