Yoog Search (firefox+IE)

[guestolo]

It looks like everything is clear

I'm kind of curious, do you know what these files are on your desktop?
moh-tmc-a.m4v
alli-xfiler5-xvid.m4v
avpr-akcpe.m4v
opt-earthre-xvid.m4v
HR5.m4v
dmd-themist-cd2.m4v
dmd-themist-cd1.m4v

They all look like Itunes media files, just wanted to ensure you knew about them

Nod32 is a great AntiVirus, would you like to run an online Virus scan
Sometimes, what one misses another catches

Edit>>We still have some final cleanup measure to do, so please post back  http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'\' />

[antdgar]

Ahh those files are movies I recently converted for my iphone.

Yoog seems to be gone. I will run different virus scans too. It's quite frightening when one catches what another does not.

Oh and I will donate to you, as a thank you for your help. Just give me a week or so http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/happy.gif\' class=\'bbc_emoticon\' alt=\'^_^\' />

[guestolo]

As it's important to only have one active AntiVirus installed
Running an Online virus scan is a great alternative
Temporarily disable Nod32

This virus scanner will not remove malware, but only identify it
So I'll need to see the log afterwards

Please do a scan with [color=\"#3333FF\"]Kaspersky Online Scanner[/color]

[color=\"green\"]Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.[/color]

Click on the Accept button and install any components it needs.

• The program will install and then begin downloading the latest definition files.
• After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  
• This will start the program and scan your system.
• The scan will take a while, so be patient and let it run.
• Once the scan is complete, click on View scan report
  
• Now, click on the Save Report as button.
  
• In the drop down box labeled Files of type change the type to Text file and give the file a name
  
• Save the file to your desktop.
• Copy and paste that information in your next post

[antdgar]

Just to let you know, I will be donating to you from your sig link. It will be about 2 weeks as I'm on holiday right now.

Thanks again^^

[guestolo]

You may want to take the time and run the Kaspersky scan when you get a chance and post it's log
We should do a final cleanup also, nothing major

[antdgar]

[quote name=\'guestolo\' post=\'454129\' date=\'Jan 1 2009, 02:44 PM\']You may want to take the time and run the Kaspersky scan when you get a chance and post it's log
We should do a final cleanup also, nothing major[/quote]

I'm running kaspersky online scanner right now. I'll update this post with the log.


It seems something still remains. Every time I search with MBAM (Malware Bytes') it finds a Trojan.FakeAlert. It has the TDS file name again... Log is attached.

I wonder where this is coming from? It usually infects the temp folder or the system_volume_information folder.

[guestolo]

(Trojan.FakeAlert) -> No action taken.

You should remove the selected file after the scan

Please post the log from Kaspersky when your done

[antdgar]

[quote name=\'guestolo\' post=\'454877\' date=\'Jan 5 2009, 03:06 PM\']You should remove the selected file after the scan

Please post the log from Kaspersky when your done[/quote]

I've removed it now. The computer randomly reboots when the kaspersky online scanner is running :-s

[guestolo]

Is Nod32 enabled during the scan? If it is, it may very well interfere with the scanner
As noted on Kasperksy website

Attention: Kaspersky Online Scanner 7.0 may not run successfully while any other antivirus program is running. If you have another antivirus program installed, please turn it off  before running Kaspersky Online Scanner 7.0.

Edit: I don't have Nod32 installed, but from what I found
To disable it
Look for it's icon in bottom right hand corner

    * click it -> click on the X button (Quit)
    * a popup will warn that protection will now be disabled. Click on "Yes" to disable the Antivirus guard.

[antdgar]

Thanks. The scan run successfully. The 'report' is attached. However, the scan found 2 infected files, but they were only in the ESET NOD32 quarantine folder. So really there are no infected files.

It took a whopping 3 hours to do the scan. I chose to scan the 'most important' files, rather than the whole hard disk. I may do that tonight, so I can sleep instead of waiting 3 hours again^^

[guestolo]

Alright, I'll await the Full scan report

[antdgar]

[quote name=\'guestolo\' post=\'454952\' date=\'Jan 6 2009, 01:05 PM\']Alright, I'll await the Full scan report[/quote]

Hmm, something is wrong. I let the scan run over night. It ran for 8 hours and wasn't finished. I had to cancel it... It only scanned 10,000 files. There are over 100,000 files on the hard disk.

[guestolo]

Don't worry about rerunning Kaspersky, you can uninstall it from Add/remove

It seems something still remains. Every time I search with MBAM (Malware Bytes') it finds a Trojan.FakeAlert. It has the TDS file name again... Log is attached.

I wonder where this is coming from? It usually infects the temp folder or the system_volume_information folder.

It's been awhile, I forgot that we didn't do the final cleanup steps
Do you still have all the tools that we used to clean your computer?
I'm enquiring as I want to remove them properly

[antdgar]

[quote name=\'guestolo\' post=\'454989\' date=\'Jan 6 2009, 08:25 PM\']Don't worry about rerunning Kaspersky, you can uninstall it from Add/remove



It's been awhile, I forgot that we didn't do the final cleanup steps
Do you still have all the tools that we used to clean your computer?
I'm enquiring as I want to remove them properly[/quote]

Yes, I have all the tools that we used to clean the computer.

I'm leaving here tomorrow^^

[guestolo]

I've been busy, and it appears you have been also, but since your out of there right away
Please do the following

Go to START>>RUN>>copy and paste in the following then hit OK

combofix /u

This will uninstall ComboFix and it's components

You have CCleaner installed, run the Cleaner to clean temp files, etc...

OTScanit2

• Double-click OTScanit2.exe to run it.
  
• Click the Cleanup! button
  A list will be downloaded>>Allow it Internet access if prompted by your Firewall
  Don't change anything in this list
  
• Select Yes at the prompt
  Wait for the confirmation box to open to reboot the computer
  Don't mouseclick during the wait as you may cause the tool to stall
  
• Select Yes to reboot Now
  

I suggest that you add SpywareBlaster to your protection software
SpywareBlaster  by JavaCool  

*Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer

Select Manual updating when installing
After installation, Check for updates
After updating, select "Protection Status" on the Left
Then select "Enable all Protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"
or again, click on Protection Startus>>enable all protection

Take a look at miekiemoes site with other ideas on How to prevent Malware:

[Mr.Steve]

<Advice Removed>