[emeraldnzl]

And how is your computer now then?

[sssrgg]

Hi emeraldnzl, I ran ccleaner and advanced system care and AML registry cleaner to fix registry problems. I ran IOBit security 360, which found one more threat that was left unremoved by MBAM. The log file is pasted below. The computer seems now working fine. It is responding faster than before, but I have not enabled AVG on access scanner yet. Now, I would like to get your suggestion to clear out Qoobox folder. Probably I should not delete it straight out. ---------------- IObit Security 360 OS:Windows XP Version:1.0.0.60 Define Version:1194 Time Elapsed:00:44:35 Objects Scanned:74240 Threats Found:1 |Name|Type|Description|ID| Trojan.Sirefef - Quarantined, File, C:\System Volume Information\_restore{9859E56E-C8A1-4326-9CF1-ACD4FD6C7682}\RP1260\A0345882.dll, 12-1933 ------------------- Thank you.

[emeraldnzl]

Hello sssrgg,

I think you machine is clean now.

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and some tools used in the removal of malware. This will also clean out and reset your Restore Points

• Click START then RUN
• Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  
  

After that please go here to download OTC.

Run this program to remove the remaining tools we have been using.

You will be asked to reboot the machine to finish the Cleanup process choose Yes.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep. The Win32kDiag. folder can be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Now that your machine is clean here are some things that I think are worth having a look at if you don't already know a bout them:

---------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vunerable to malicious attack.

• Download from here Java Runtime Environment (JDK) Update
• Scroll to where it says "Windows XP/Vista/2000/2003/2008 online" and download and follow the instructions to install.
  
  Reboot your computer.
  You also need to uininstall older versions of Java.
  
• Click Start > Control Panel > Add or Remove Programs
• Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

Be sure and give the Temp folders a cleaning out now and then. This helps with security and your computer will run more efficiently. I clean mine once a week. For ease of use, you might consider the following free program:

• ATF Cleaner

--------------------------------------------------------------------------------------------------------------------

Make Internet Explorer more secure

• Click Start > Run
• Type Inetcpl.cpl & click OK
• Click on the Security tab
• Click Reset all zones to default level
• Make sure the Internet Zone is selected & Click Custom level
• In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
• Next Click OK, then Apply button and then OK to exit the Internet Properties page.

* MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

* Consider using an alternate browser. Mozilla's Firefox browser is excellant; it is more secure than Internet Explorer. Firefox is my default browser but I retain Internet Explorer as well so that I can access the very few sites that require it.

Firefox may be downloaded from Here

NoScripts is a good Add-on for Firefox that prevents execution of malicious scripts.

-----------------------------------------------------------------------------------------------------------------------

Startuplite is a tool to help you stop some programs not needed when you start your computer from loading. They will begin automatically only when needed.

-----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future here are some free programs you can look at:

• If your Microsoft Update is not working automatically. Keep your operating system up to date by visiting
  
• Microsoft Windows Update
  
  monthly.
  
  It is recommended that you do set Windows to check, download and install your updates automatically.
  
  * Click Start > Control Panel > Automatic Updates
  * Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
  * Click Apply then OK.
  
  And to keep your system clean consider choosing from these free malware scanners and running it
  
• AdAware SE Personal
  
• Spybot Search & Destroy
  
• SuperAntiSpyWare
  
  weekly. Be aware of what emails you open and websites you visit.

An antivirus program is essential.

Here are a couple of to choose from (these are also free for personal use):

• Avast
• AVIRA Note: AVIRA free comes with adware that promotes their paid for version each time it updates.

I like Avira but some people find the pop up advertisements each time it updates a bit trying.

A firewall is essential to help prevent hackers from infiltrating your computer.

Here are two good firewalls free for personal use:

• OnLine-Armour
• PC Tools Firewall Plus

Note: Do not use more than one anti-virus or firewall. Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

Go here for some good advice about how to prevent infection.

Have a safe and happy computing day!

[sssrgg]

Hello emeraldnzl,

Thank you very much for your generous help. I am impressed with your genuine and expert suggestions to keep computer clean and safe. I switched to AVIRA from AVG following your suggestion. The Java update terminates before completion displaying a message "lib\charsets.jar: Old file not found. However a file of the same name was found. No update done since file contents do not match." My trial using Javara to uninstall JRE6u15 also failed. Java is now having some problem that I need to fix next.

It seems I am getting newer problems one after another. :P

[sssrgg]

Update: OK, I could install Java6u16 in a newer folder and then used JavaRa to remove older one. So, now I have latest Java upgrade too.

[emeraldnzl]

Quote:

OK, I could install Java6u16 in a newer folder and then used JavaRa to remove older one. So, now I have latest Java upgrade too.

Well done. Glad you got that sorted.

Quote:

Thank you very much for your generous help

Your very welcome