iainwith2is Posted July 3, 2011 Author Posted July 3, 2011 I am correctly in assuming AVG has been completely removed?: All processes killed ========== SERVICES/DRIVERS ========== Error: No service named Avg was found to stop! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg deleted successfully. Error: Unable to stop service AVGIDSAgent! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSAgent deleted successfully. Error: Unable to stop service AVGIDSDriver! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSDriver deleted successfully. Error: Unable to stop service AVGIDSEH! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSEH deleted successfully. Error: Unable to stop service AVGIDSFilter! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSFilter deleted successfully. Error: Unable to stop service AVGIDSShim! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSShim deleted successfully. Error: Unable to stop service Avgldx86! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avgldx86 deleted successfully. Error: Unable to stop service Avgmfx86! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avgmfx86 deleted successfully. Error: Unable to stop service Avgrkx86! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avgrkx86 deleted successfully. Error: Unable to stop service Avgtdix! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avgtdix deleted successfully. Error: Unable to stop service avgwd! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgwd deleted successfully. Error: No service named AVG Security Toolbar Service was found to stop! Service\Driver key AVG Security Toolbar Service not found. Error: No service named avg9emc was found to stop! Service\Driver key avg9emc not found. Error: No service named avg9wd was found to stop! Service\Driver key avg9wd not found. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayRSAlert\ not found. Registry key HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayScanFinished\ not found. Registry key HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayScanFinishedThreatFound\ not found. Registry key HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayScanStarted\ not found. Registry key HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayUpdEnd\ not found. Registry key HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayUpdEndFail\ not found. Registry key HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayUpdStart\ not found. Registry key HKEY_CURRENT_USER\AppEvents\Schemes\Apps\avgtray\ not found. Registry key HKEY_CURRENT_USER\Software\Avg\ deleted successfully. Registry key HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\AVG9 Shell Extension\ deleted successfully. Registry key HKEY_CLASSES_ROOT\.avgdx not found. Registry key HKEY_CLASSES_ROOT\CLSID\{1152F8E0-69DB-4935-AFC3-59F8A5A86A3E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1152F8E0-69DB-4935-AFC3-59F8A5A86A3E}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{41B21542-2055-4212-A6F2-395CD109B14B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41B21542-2055-4212-A6F2-395CD109B14B}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{6F59E522-4689-156E-316C-D5B48819DE95} \ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F59E522-4689-156E-316C-D5B48819DE95}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{86E8C5B0-75B6-4ff2-B04F-6789CC7AE386}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86E8C5B0-75B6-4ff2-B04F-6789CC7AE386}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{EF0BB4CD-81FA-48AF-99B3-AB6C1F079BEC}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF0BB4CD-81FA-48AF-99B3-AB6C1F079BEC}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{F1FE4608-7924-4908-8E12-81CFA206F00A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F1FE4608-7924-4908-8E12-81CFA206F00A}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ not found. Registry key HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\AVG9 Shell Extension\ deleted successfully. Registry key HKEY_CLASSES_ROOT\Installer\Features\36E852A15FD8BDA48923830A21D156BE\ not found. Registry key HKEY_CLASSES_ROOT\Installer\Features\69BC3230A1222404483A39DE4E0799CF\ not found. Registry key HKEY_CLASSES_ROOT\Installer\Features\CFD2C1F142D260E3CB8B271543DA9F98\ deleted successfully. Registry key HKEY_CLASSES_ROOT\Installer\Products\36E852A15FD8BDA48923830A21D156BE\ not found. Registry key HKEY_CLASSES_ROOT\Installer\Products\69BC3230A1222404483A39DE4E0799CF\ not found. Registry key HKEY_CLASSES_ROOT\Installer\Products\CFD2C1F142D260E3CB8B271543DA9F98\ deleted successfully. Registry key HKEY_CLASSES_ROOT\Installer\UpgradeCodes\06DD9E4F7F3FF9C41BC2BD64A2CE18FE\ deleted successfully. Registry key HKEY_CLASSES_ROOT\Installer\UpgradeCodes\38F747DBDC97B4E459142E21199F9D10\ deleted successfully. Registry key HKEY_CLASSES_ROOT\Installer\UpgradeCodes\41A387AA3A7A33D3590FA953D1350011\ deleted successfully. Registry value HKEY_CLASSES_ROOT\LinkScannerIE.NavFilter\\ deleted successfully. Registry value HKEY_CLASSES_ROOT\LinkScannerIE.NavFilter.1\\ deleted successfully. Registry value HKEY_CLASSES_ROOT\MicroScanner.MicroScanner\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension\ deleted successfully. Registry key HKEY_CLASSES_ROOT\PROTOCOLS\Handler\linkscanner\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\AVG\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DevDiv\VC\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0323CB96-221A-4042-84A3-93EDE47099FC}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0323CB96-221A-4042-84A3-93EDE47099FC}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1A258E63-8DF5-4ADB-9832-38A0121D65EB}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A258E63-8DF5-4ADB-9832-38A0121D65EB}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AlwaysUnloadDll\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{50A96677-4378-434d-9F4B-6B28B485933F}\{976BA62F-ABED-40e0-8F7B-6DE4F6756F0B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{976BA62F-ABED-40e0-8F7B-6DE4F6756F0B}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{50A96677-4378-434d-9F4B-6B28B485933F}\{976BA62F-ABEE-40e0-8F7B-6DE4F6756F0B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{976BA62F-ABEE-40e0-8F7B-6DE4F6756F0B}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{50A96677-4378-434d-9F4B-6B28B485933F}\{976BA62F-ABEF-40e0-8F7B-6DE4F6756F0B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{976BA62F-ABEF-40e0-8F7B-6DE4F6756F0B}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry key HKEY_CLASSES_ROOT\CLSID\{F2DDE6B2-9684-4A55-86D4-E255E237B77C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2DDE6B2-9684-4A55-86D4-E255E237B77C}\ not found. Registry key HKEY_CLASSES_ROOT\PROTOCOLS\Handler\avgsecuritytoolbar\ not found. Registry key HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayWSAlert\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry key HKEY_CURRENT_USER\Software\AppDataLow\Avg\ not found. Registry key HKEY_CURRENT_USER\Software\AVG Security Toolbar\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\AVG Security Toolbar\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall\ not found. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms\ not found. Registry key HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayRSAlert\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayScanFinished\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayScanFinishedThreatFound\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayScanStarted\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayWSAlert\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\AppEvents\Schemes\Apps\avgtray\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\Software\AppDataLow\Avg\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\Software\Avg\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AVG9_TRAY not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f963a5b-e555-4543-90e2-c3908898db71}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\\avg@igeared not found. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\GroupOrderList\\AVG deleted successfully. ========== FILES ========== C:\$AVG\$VAULT folder moved successfully. C:\$AVG folder moved successfully. Invalid Environment Variable: COMMONAPPDATA Invalid Environment Variable: COMMONAPPDATA Invalid Environment Variable: COMMONPROGRAMS C:\Documents and Settings\Woko\Application Data\AVG10\cfgall folder moved successfully. C:\Documents and Settings\Woko\Application Data\AVG10 folder moved successfully. C:\Program Files\AVG\AVG9 folder moved successfully. C:\Program Files\AVG\AVG10\PCTuneup folder moved successfully. C:\Program Files\AVG\AVG10\Notification folder moved successfully. C:\Program Files\AVG\AVG10\Identity Protection\Agent\driver\platform_XP folder moved successfully. C:\Program Files\AVG\AVG10\Identity Protection\Agent\driver folder moved successfully. C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin folder moved successfully. C:\Program Files\AVG\AVG10\Identity Protection\Agent folder moved successfully. C:\Program Files\AVG\AVG10\Identity Protection folder moved successfully. C:\Program Files\AVG\AVG10\Icons folder moved successfully. C:\Program Files\AVG\AVG10\Firefox4\Components folder moved successfully. C:\Program Files\AVG\AVG10\Firefox4\Chrome folder moved successfully. C:\Program Files\AVG\AVG10\Firefox4 folder moved successfully. C:\Program Files\AVG\AVG10\Firefox\Chrome folder moved successfully. C:\Program Files\AVG\AVG10\Firefox folder moved successfully. C:\Program Files\AVG\AVG10\Drivers\XP folder moved successfully. C:\Program Files\AVG\AVG10\Drivers\ErHrXpx86 folder moved successfully. C:\Program Files\AVG\AVG10\Drivers folder moved successfully. C:\Program Files\AVG\AVG10\Chrome folder moved successfully. C:\Program Files\AVG\AVG10\3rd_party\licenses folder moved successfully. C:\Program Files\AVG\AVG10\3rd_party folder moved successfully. Folder move failed. C:\Program Files\AVG\AVG10 scheduled to be moved on reboot. Folder move failed. C:\Program Files\AVG scheduled to be moved on reboot. Invalid Environment Variable: SYSTEM Invalid Environment Variable: COMMONAPPDATA Invalid Environment Variable: COMMONAPPDATA Invalid Environment Variable: COMMONPrograms Invalid Environment Variable: COMMONAPPDATA Invalid Environment Variable: COMMONDESKTOP Invalid Environment Variable: SYSTEM Invalid Environment Variable: SYSTEM Invalid Environment Variable: SYSTEM Invalid Environment Variable: SYSTEM Invalid Environment Variable: SYSTEM Invalid Environment Variable: SYSTEM Invalid Environment Variable: SYSTEM Invalid Environment Variable: SYSTEM Invalid Environment Variable: COMMONDesktop File/Folder C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml not found. Invalid Environment Variable: SYSTEM ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56504 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 124442984 bytes ->Flash cache emptied: 4023 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 1707492322 bytes ->Java cache emptied: 69885 bytes ->Flash cache emptied: 79739 bytes User: Nicola ->Temp folder emptied: 72636750 bytes ->Temporary Internet Files folder emptied: 11589094 bytes ->Java cache emptied: 26188 bytes ->FireFox cache emptied: 52663456 bytes ->Flash cache emptied: 70204 bytes User: Owner ->Temporary Internet Files folder emptied: 48838 bytes User: Woko ->Temp folder emptied: 4834607 bytes ->Temporary Internet Files folder emptied: 3905811 bytes ->Java cache emptied: 277863 bytes ->FireFox cache emptied: 190843525 bytes ->Flash cache emptied: 58071 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 3281601 bytes %systemroot%\System32 .tmp files removed: 2577 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 87229774 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 2,155.00 mb OTL by OldTimer - Version 3.2.25.0 log created on 07032011_143802 Files\Folders moved on Reboot... C:\Program Files\AVG\AVG10 folder moved successfully. C:\Program Files\AVG folder moved successfully. Registry entries deleted on Reboot... Quote
ExTS Admin Starbuck Posted July 3, 2011 ExTS Admin Posted July 3, 2011 Hi iainwith2is I am correctly in assuming AVG has been completely removed?: It would seem that parts of AVG had already been removed. That's why in the report you can see that some lines were not found. Plus that list covered more than one version of AVG, so some entries would not have been on your system anyway. But yes, i think you can safely assume that AVG is history. You should be able to install a new AV program now. If you decide on Avira, please note: Due to recent changes Avira now includes the Ask.com Toolbar unless you choose not to install it. This means it is pre-checked by default and it is recommended that you uncheck that option during installation. Quote Member of:UNITE
iainwith2is Posted July 3, 2011 Author Posted July 3, 2011 (edited) Any AV that you would recommend in particular? How about the stuff I have installed during this process, remove, keep, run some occasionally? Edited July 3, 2011 by iainwith2is Quote
ExTS Admin Starbuck Posted July 3, 2011 ExTS Admin Posted July 3, 2011 Hi iainwith2is Any AV that you would recommend in particular? my 2 recommendations are in post #10 but on this system i'm using at the moment, i'm running MSSE. How about the stuff I have installed during this process, remove, keep, run some occasionally? Let me know when the new AV installed and let me know if everything is running ok and then we'll deal with this. All this info will be in my final speech. Most of the programs we've used will need to be removed..... but i'll explain all later. Quote Member of:UNITE
iainwith2is Posted July 4, 2011 Author Posted July 4, 2011 Hi, I went and installed Avira and everything looks hunky-dory. Thank you for the help, there's no way I could have done it myself its way beyond the PC knowledge I have. Its nice to reply to these posts without my phone! Quote
ExTS Admin Starbuck Posted July 4, 2011 ExTS Admin Posted July 4, 2011 Hi iainwith2is Glad to hear everything is running fine. Thank you for the help, there's no way I could have done it myself its way beyond the PC knowledge I have. It's no problem at all. Believe it or not when i had my first pc, i had to keep asking my kids how to do things. In the end i got so embarrassed about asking them that i decided to buy some books and then started a malware removal course on one of the sites. Now my kids come and ask me things. http://fc06.deviantart.net/fs4/i/2004/250/7/1/ROFL_by_b4sti.gif Let's finish off then: Most of the programs we used are updated regularly, so will need to be removed. The final speech should give you a good idea on how to keep your system malware free. Step 1 Restart MBAM. Click on the Quarantine tab If there are items in quarantine..... Make sure everything is selected and then click Delete All. Close MBAM. Step 2 Please uninstall ComboFix by Clicking on Start ...then run ... and type in combofix /uninstall (don't forget there's is a gap between x and /) Then press Ok http://img.photobucket.com/albums/v708/starbuck50/new/cfu.png This action will uninstall Combofix and also perform a few cleanup measures Step 3 Please double-click OTL to run it. You should see a CleanUp! button, press that button, http://img.photobucket.com/albums/v708/starbuck50/cleanupbutton.png This will cleanup an assortment of tools used during malware removal, plus itself Note: MBAM will not be removed Step 4 Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is: Go to Start > Programs > Accessories > System Tools and click "System Restore". Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore. Then go to Start > Run and type: Cleanmgr Click "OK". Select the drive for cleaning then click OK (usually 'C' drive) Click the "More Options" Tab. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one. To find out how you may have been infected....read this topic: How did i get infected? Not all of the following information will be applicable to you, but it's still best to read it all. Now that you are clean, please follow these simple steps in order to keep your computer clean and secure: Use an AntiVirus Software Avira AntiVir ... see note* ....installation guide Here Avast free Bitdefender Free MS Security Essentials ... see note** ...installation guide Here Note*: Avira now includes the Ask.com Toolbar unless you choose not to install it. This means it is pre-checked by default and it is recommended that you uncheck that option during installation. Note**: Upon installation MS Security Essentials will check that your OS is a legal copy. Only install one AntiVirus program [*]Update your AntiVirus Software regularly [*]Use a 3rd party Firewall Online Armor Free ZoneAlarm ...Important note below Outpost Firewall Free Sunbelt Personal Firewall NOTE: If choosing Zone Alarm be aware that the free version also installs ZoneAlarm Spy Blocker. It is recommended however that you UNcheck this option. Only install one software Firewall Some 3rd party Firewalls will turn off the windows firewall when they are installed. It's always best to check that the Windows Firewall is turned off: How to turn off Windows Firewall: Start ... Control Panel ...click on 'Classic View'. now select Windows Firewall. When the Windows Firewall box opens, put a tick against .. Off (not recommended) and then click Ok [*]Scan regularly with a 'Stand Alone' Anti-Malware scanner: Installing another scanner that you can run once or twice a week is always beneficial. Something like: Malwarebytes Anti-Malware SUPERAntiSypware Remember to update these programs each time before running. You can install more than one of these if you only run them as stand alone programs. [*] Use an alternative browser: Some excellent alternatives to MS Internet Explorer are: Firefox For added security, add the NoScript extension to this browser: Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks also consider adding: WOT - Safe Browsing Tool Web of Trust warns you about risky sites that cheat customers, deliver malware or send spam. Millions of members of the WOT community rate sites based on their experience, giving you an extra layer of protection when browsing or searching the Web. Btw: you don't have to make a contribution. Opera They offer better security, more stability, and better speed. [*]Keep a backup of your registry Keeping a regular backup of your registry will help when something goes wrong. Use a program like: Erunt A full tutorial on how to set up and use Erunt can be found here: Erunt tutorial [*]Keep your system clean of temp files etc, using a 'Cleaner': Cleaners are programs that will help to clean out your: Windows temp files Current user temp files Cookies Temporary Internet flies Browser history Recycle bin Etc....... In other words.... all the rubbish that you accumalate over the course of your browsing and day to day usage of your pc. Programs like: TFC by OldTimer ATF Cleaner [*]Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. [*]Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A tutorial on installing & using this product can be found here: Using and installing SpywareBlaster [*]Update all your 'Security' programs regularly - Without regular updates you WILL NOT be protected when new malicious programs are released. Follow this list and your potential for being infected again will reduce dramatically. Glad I was able to help. Safe surfing. http://fc08.deviantart.net/fs71/f/2010/033/b/3/Computer_addict__by_Sinister_Starfeesh.gif Quote Member of:UNITE
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.