[Cookiegal]

Yes, try uninstalling and reinstalling Avast.

[spike9]

Ok, that's done and avast is running properly now. What's next?

Peter

[Cookiegal]

Is everything running fine with the system now?

[spike9]

Evertything else seems to be ok, so I turned spysweeper back on and enabled everything again and ran a sweep, it picked up three possible viruses and quarentined them. I'm attaching the sesion log from spysweeper.

Hope this is nothing.

[Cookiegal]

SpySweeper logs are tedious and difficult to read. The only things I saw were items already quarantined like in Qoobox which is where Combofix moves files and the others are in system restore, which we will be flushing out. If you see others, please point them out to me as my eyes can only take so much.

[spike9]

That was it everything else appears to be fine.

[Cookiegal]

Here are some final instructions for you.

The following program will remove the tools we've used and their associated files and backups and then it will delete itself.

Please download OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Make sure you have an Internet Connection.
• Double-click OTMoveIt.exe to run it. (Vista users, please right-click on OTMoveIt2.exe and select "Run as an Administrator")
• Click on the CleanUp! button
• A list of tool components used in the cleanup of malware will be downloaded.
• If your firewall or real-time protection attempts to block OTMoveIt2 to reach the Internet, please allow the application to do so.
• Click Yes to begin the cleanup process and remove these components, including this application which will delete itself.
• You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.

Now you should turn system restore off to flush out all previous system restore points, then turn it back on and create a new restore point:

To turn off system restore, on the Desktop, right click on My Computer and click on Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply and then click OK.

Restart your computer, turn System Restore back on and create a restore point.

To create a new restore point, click on Start – All Programs – Accessories – System Tools and then select System Restore.

In the System Restore wizard, select Create a restore point and click the Next button.

Type a name for your new restore point then click on Create.


I also recommend downloading SPYWAREBLASTER for added protection.

Read here for info on how to tighten your security.


Delete Temporary Files:

Go to Start - Run and type in cleanmgr and click OK.
Let it scan your system for files to remove.
Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
Press OK to remove them.

[spike9]

Thanks all actions have been completed, everything seems to be ok>

Peter

[Cookiegal]

You're welcome.

[spike9]

Thanks for all your help Cookiegal.

One last question, before you go, how do I turn autorun back on?

Thanks

Peter

[Cookiegal]

Are you sure you want to do that? The risk of infection with that method is great since malware will run automatically if you insert an infected device.

[spike9]

I'm not to worried about that side of things, the only things that get inserted in my drives are legitimate program disks, memory cards from my camera and my memory stick that I know has clean documents. I think my bigger threat, is surfing and trying to find something for nothing, which is probably what got me last time. I think I've learned my lesson there.

[Cookiegal]

OK then. I'm attaching a Fixautorun.zip file. Save it to your desktop. Unzip it and double-click the Fixautorun.reg file and allow it to enter into the registry.

[spike9]

Thanks for all your help.

Have a great summer.

[Cookiegal]

It's my pleasure and you have a great summer too.