For evilfantasy--c.bell_08

[c.bell_08]

Like the CyberDefender, I thought I had already uninstalled Avast...I don't know why they are still somewhere in my computer.

[evilfantasy]

For Avast!

Go to this page http://www.avast.com/eng/avast-uninstall-utility.html

Download and run the aswClear.exe

----------

Please go to this page http://my.opera.com/rejzor/blog/security-center-reset-1-0-released

Download and run the Security Center Reset tool to get CyberDefender out of the settings.

----------

How is the computer running now?

,

[c.bell_08]

It appears to be running well, nothing seems infected anymore.
What of the things that I downloaded should I keep/delete?
Is there anything more I should do?

[evilfantasy]

Let's clean up a few things then run a final scan to see if anything else is hiding.

• Click START then RUN
  
• Now type Combofix /u in the runbox
  
• Make sure there's a space between Combofix and /u
• Then hit Enter.

.

.
The above procedure will:

• Delete:
• ComboFix and its associated files and folders.
• VundoFix backups, if present
• The C:\Deckard folder, if present
• The C:_OtMoveIt folder, if present

• Reset the clock settings.
• Hide file extensions, if required.
• Hide System/Hidden files, if required.
• Set a new, clean Restore Point.

.
----------

1. Double click OTMoveIt3.exe to launch it.
Vista users right click and choose Run As Administrator
2. Click on the CleanUp! button.
3. OTMoveIt2 will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
4. Click YES at the next prompt (list downloaded, Do you want to begin cleanup process?)
5. Once complete exit out of OTMoveIt3

----------

Use the ESET Online Antivirus Scanner

This scanner requires Internet Explorer

1. Check the box next to YES, I accept the Terms of Use.
2. Click Start
3. When asked, allow the activex control to install
4. Click Start
5. Make sure that the option Remove found threats and the option Scan unwanted applications is check marked.
6. Click Scan
7. Wait for the scan to finish
8. Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
9. Add the C:\Program Files\EsetOnlineScanner\log.txt log into your next reply.

[c.bell_08]

I tried three times to do the combofix /u thing, but each time an error message came up saying 'prep.com has encountered a problem and needs to close.  We are sorry for the inconvenience.' and AVG detects a trojan backdoor.

[evilfantasy]

Just move on to the OTMoveIt3 steps. That will remove anything that the combofix /u misses.

[c.bell_08]

Combo and OTMove both appear gone. Should I delete all the logs, aswclear, security center, or any of the programs from way back in the very beginning before I do the scan?

[evilfantasy]

Yes please delete any special; tools we used and then run CCleaner before starting the ESET scan.

[c.bell_08]

So I should uninstall superantispyware, malewarebytes, and the hijackthis?

[evilfantasy]

No keep superantispyware, malewarebytes. They are free. Update and run them every now and then to make sure nothing has gotten in unannounced. You can either keep or uninstall Hijackthis.

[c.bell_08]

# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3816 (20090201)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=532c9254668fe542ad393791138f08cd
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2009-02-01 01:48:12
# local_time=2009-02-01 08:48:12 (-0500, Eastern Standard Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 3
# scanned=364985
# found=2
# scan_time=5177
C:\Program Files\Morpheus\morpheustoolbar.exe   Win32/Toolbar.AskSBar application (unable to clean - deleted)   00000000000000000000000000000000
C:\Program Files\Morpheus\mymorpheusToolbar.exe   Win32/Toolbar.AskSBar application (unable to clean - deleted)   00000000000000000000000000000000


Here is the log. The Morpheus toolbar was already deleted, earlier when you said-I don't even use the toolbar.

[evilfantasy]

Check Add/Remove Programs for Morpheus 5.2 (remove only) and uninstall it if you don't use it.

Then delete this folder: (if it's there)

C:\Program Files\Morpheus

----------

Final steps. And suggestions. Let me know if you have any questions.

Use the Secunia Software Inspector to check for out of date software.

• Click Start Now
  
• Check the box next to Enable thorough system inspection.
  
• Click Start
  
• Allow the scan to finish and scroll down to see if any updates are needed.
• Update anything listed.

.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

Here are some great FREE tools to help you keep from getting infected again. These tools use little or no resources so won't slow down your PC.

Concerned about Browser Security? Consider using Mozilla Firefox. With more than 15,000 improvements, Firefox 3 is faster, safer and smarter than ever before.

For Internet Explorer 7 users there is IE7Pro. IE7Pro is a must have add-on for Internet Explorer, which includes a lot of features and tweaks to make your IE friendlier, more useful, more secure and customizable.

To prevent unknown applications from being installed on your computer install WinPatrol 2008
* Using Winpatrol to protect your computer from malicious software

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.

[c.bell_08]

On the Secunia Software Inspector step, it said my Macromedia Flash Player 6.x was insecure/out-dated. I was wondering since I have adobe flash, do I need this one too? If I don't, how should I go about getting rid of it (I don't think it is in the add/remove).

[evilfantasy]

This is a common problem. Easy to fix.

Do this to remove all unstable older versions of Flash.

Download the Flash Player Uninstaller and save it to your desktop.

Run the uninstaller program and then reboot your computer to complete the uninstall.

Download and install the latest version of Flash Player

[c.bell_08]

Alright, everything seems perfect If you think all is well, than I thank you greatly for all that you have done for me!! I don't know what I would have done without you! (The people at hp, whom I spoke to first, automatically told me to restore my computer-I'm so glad I didn't have to!!)
I wish I could give you something more, but I hope you accept my many thanks.